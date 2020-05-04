Comment from Guardum: 190 law firms affected in data security flaw

May 2020 by Darren Wray, CTO at data privacy experts Guardum

Following the news around a data security flaw which exposed thousands of legal documents which potentially affected the clients of about 190 law firms: Darren Wray, CTO at data privacy experts Guardum offers the following comment:

“This incident further demonstrates the need for organisations and particular SaaS and data hosting services to have a data retention policy that is granular in respect to personal information. I don’t think that many of the people who provided this personal information would expect it to still be stored and available three years after it was provided, particularly information that can’t be changed like eye colour and names of parents.

In order to overcome this problem, organisations can benefit from finding and redacting personal information in documents and other unstructured forms, whilst leaving the rest of the document usable and accessible. Companies taking this approach can protect themselves and their customer’s data as well as maintaining compliance with GDPR and other national and international data protection and cyber security laws.

The world is a changed place and that needs to be reflected in company’s data retention policies and practices.”