A recent incident has brought the importance of safeguarding sensitive data once again into focus. Video recordings of a case of abuse and the questioning of a victim were lost due to being stored unencrypted on a USB stick. The stick, which was supposed to be sent to an appraiser in Berlin, was found to be empty upon arrival. The case has since been handed over to the state data protection officer, who is now investigating the matter.
A spokesperson for the state data protection authority highlighted that when it comes to data carriers with sensitive content, the General Data Protection Regulation stipulates that measures must be taken to ensure confidentiality, such as encryption. Supervisors must make it clear to their employees how USB sticks can be used. There are guidelines in place for the courts and investigations are underway to determine if these were disregarded in this case.
The district court in Schwerin, where the case originated, has expressed regret over the incident. The court stated that official information should only be stored on data carriers provided by the company and that the data must be encrypted. Guidelines on freedom of information have been reiterated to all employees.
It is not the first time such an incident has occurred. Similar cases involving lost or stolen storage media with sensitive data have been reported in Japan and Austria. As such, the spokesperson for the data protection authority appealed to private individuals to secure their storage media as well.
In addition to initiating criminal proceedings against unknown persons on the charge of theft, the district court is also considering disciplinary action in this case. The incident serves as a reminder to all organizations to ensure proper data protection measures are in place to safeguard sensitive and confidential information.
