#8/8: Right to have personal data securely stored


Identity fraud occurs when someone steals personal information and uses it to transact in the victim's name without their permission. As digital solutions have rolled out, more and more copies of personal data are being stored. They are stored using many database technologies and updated and accessed using many programming systems.

As businesses moved online legislatures passed laws defining how personal data should be processed, stored and managed.

The technology, though is complicated and security has often been an after-thought during the implementation process. Worse, changes at any level of a system can leave users open to identify fraud so the effort to prevent such criminal activity is never-ending.


Candidates fear their personal data will be leaked to criminals and used for identify fraud. Companies fear letting their users down and the damage their reputations can suffer.

The side effect

Candidates will avoid companies they don't trust with their personal details and pull back from engaging with companies. Companies will lose focus fire fighting 

The standards we all need

Companies need to take data, systems and process security seriously, from the board down. They need to recognise that security isn't a box to be ticked and forgotten but a continuous process that needs regularly reviewing.

The industry needs to develop robust and recognised  security certificates that are as recognisable to consumers as the UK Kitemark and EU CE marking are for safety.

All Charter Rights