Test and Trace is now a legal requirement. Those in hospitality, tourism and leisure industries, close contact services and local authority facilities must collect details from at least one member of every party of customers or visitors (up to 6 people). There is also a requirement to keep a record of all staff working on their premises and shift times on a given day and their contact details. These records of customers, visitors and staff must be kept for 21 days and provide data to NHS Test and Trace if requested. Venues can also display an official NHS QR code poster so that customers and visitors can ‘check in’ using this option as an alternative to providing their contact details. All of this information must then be kept safe in accordance with General Data Protection Regulations (GDPR). A lot to think about for a small business!
Securing physical and online data
You are responsible for the data that you collect and will be held accountable in the event of a data breach. To avoid this from occurring, you need to take the necessary steps to ensure that the information you store is secure. To help you get this right, The Information Commissioners Office (ICO) has posted five simple steps you can take to better protect your customer and visitor details over this period as well as what you should consider when collecting these.
What happens in the event of a breach?
In the event of a data breach, your business could be at risk of fines and potential lawsuits if the breach is found to be caused by negligence. You have a duty to keep records physically and electronically safe and should ensure you have adequate cybersecurity measures, including staff training, in place.
Despite the best intentions, mistakes can and will be made and it’s worth preparing your defence now against the possibility of something going wrong. During the coronavirus pandemic, the risk of a cyber-attack has risen due to opportunist criminals targeting businesses as they’re vulnerable and adapting to new technologies and processes. With Cyber Insurance, you can better protect your business against cybercrime, covering you in the event that sensitive information is accidentally shared.
What does Cyber Insurance include?
Cyber Insurance helps aid your recovery after a cyberattack, including restoring systems, mitigating reputational damage, cyber extortion and loss of data. To learn more about the full extent of features you can benefit from with the tailored Cyber Insurance policy, just get in touch with your local office Boston 01205 365675, Sleaford 01529 303936 or Lincoln 01522 540651.