09 October 2003

How to test IT systems within the guidelines of the Data Protection Act

"BSI has published new guidelines for the use of personal data in system testing, providing a practical tool to help companies in the financial sector avoid potentially reputation-damaging and costly security breaches when processing computer-based customer data. The publication, BIP0002: 2003 - Guidelines for the use of personal data in system testing, explains how to test IT systems within the guidelines of the Data Protection Act 1998.

The publication is supported by the Financial Services Authority (FSA), whose spokesperson, Mike Frost, said: 'This is a practical and very useful work of reference for the cost-conscious manager, who understands the benefits both of legal compliance and systems proven to be efficient by valid and credible system testing. At worst, it removes any excuse not to give full consideration to data protection in system testing procedures. It provides a practical methodology that can save considerable time and effort.'"

What does this publication offer?
From the point of view of the customer, security of personal data is paramount. This new guide advises on avoiding data protection breaches during system testing. Most organizations gather and use personal data and process it automatically. This requires them to undertake system testing of live data, which increases the possibility of breaches.
