Re: Nowhere to hide
my favourite saying is "Security is also providing access to those who should, as well as denying it to those who shouldn't".
This is really important. Actually I could even make an argument that in almost all cases, proper access is more important than data security. Unless of course your data has real life-and-death implications. For two reasons:
Firslty - you're probably trying to do something. If you can't do that something (whatever it is), then your whole organisation is rendered pointless.
Secondly - if you over-secure everything, so that people can't get their work done - then they'll just break the rules. And then your security it toast.
Obviously this is all subject to sensible risk assessment. Sometimes the risk of the right thing not getting done is less than the risk of the data being leaked or damaged - in which case your security needs to be more inflexible, people need to understand why this is and know they'll get hammered if they break the rules.
This is possible though. You can get people to agree to quite unreasonable procedures, so long as everyone agrees that the risk is high enough to justify the pain. And extra effort, and resources, are dedicated to helping the people on the ground to get their work done.
I give an example. My Mum works with vulnerable children. But as an outside consultant for a very well known charity, seeing as she's retired. They've got their network wrapped up nice and tight. So tightly in fact, that she's been working for them since she retired ten years ago - and only got issued a mobile phone this year. So sure, they can now remote delete this data, and enforce a password on her. But before that she had all the details on her personal phone, with no password.
She wasn't allowed to remote connect to their network (or even connect in the office) until she'd done several of those shitty online courses. But you couldn't get onto those online courses, without access to the network! Ahem. So she had to drive 60 miles to the nearest office, only for some shitty online video course thingy - that was a total bureaucratic waste of time. So because she was unable to connect to their secure (so secure you can't access it) data system, she was emailing stuff to her boss to upload, from her personal email account in the clear. And IT were no help, and just followed their procedures.
Sadly many of these big charities seem to have swallowed all the bureaucratic crap of big corporations and government - mostly I suspect by hoovering up all the crappy middle management types that are unemployable elsewhere - because they pay too many staff.
Chaos would be bad. This information is in some cases very sensitive. But just finding the names and addresses of families with disabled kids is easy - there'll often be stories in the media and charity press releases with names, that you can cross rereference with the phone book. I'd suggest that helping them is probably more important than hindering your frontline people - and there's an argument for keeping the sensitive notes in paper form, and never committing them to computer. But if you must, then you need to commit much more IT resources to the necessary hand-holding.