Re: Sperate dealings
I agree totally. Every staff member should be signed up to the data protection policies, and (if the organisation is any good) receive training on data security. And breaches of such policies necessitate enforcement and if necessary termination of contract.
You DO NOT entrust hard disks with sensitive data to unknown resellers! You especially don't do it coz it's cheap or free! And you don't then mislay the records of the transactions!
When people talk about "failure of management", it sounds like someone just slipped up. In this case it was a systematic failure, and probably was driven by cost-cutting pressures from above. It in no way exonerates the senior management.
Biting the hand that feeds IT
