ONStor Warns UK Businesses to Upgrade Records Systems

By Greg McNevin

May 7, 2007: ONStor is warning UK businesses that if they continue to rely on paper-based records after October this year, they could be in breach of the Data Protection Act 1998 (DPA) and therefore a target for fines.

According to ONStor, organisations will breach the act if all personal data held in their company records has not been digitized and stored securely.

According to techworld.com, the company goes on to note that if a migration from paper-based information is not completed, an organisation could be vulnerable to legal action if it cannot supply personal data within 40 days of request by the general public.

ONStor draws the fire for its argument from research by KPMG released last month which starts off saying “six month countdown to data protection crisis begins.” It says that organisations with significant amounts of paper based records will struggle to comply with simple requests from members of the public, while firms with 'legacy records' will start ramping up investment in digital storage systems.

“We are concerned that many organisations have not grasped the potential scale of this problem - Companies need to understand very quickly how exposed they are, before the relief period comes to an end,” says Steve Kenny, KPMG privacy services leader. “Worryingly, many internal audit and compliance functions may have let this slip off the radar.”

ONStor suggests that organisations move into a proactive rather than reactive frame of mind, and “look at improving overall business efficiency and how they manage their data and information."

While techworld is critical of ONStor jumping on to the fear wagon to make its sales pitch, it does recognise that many companies are allowing their records to languish in outdated systems, subjecting them to a range of risks and inhibiting compliance capabilities.

Comment on this story