The Information Commissioner’s Office (ICO) have updated their guidance for data storage, sharing and security for small organisations.
Think carefully about when to use BCC (blind carbon copy) when sending emails to multiple addresses.
Failure to use BCC correctly in emails is one of the top data breaches reported to the ICO every year – and these breaches can cause real harm, especially where sensitive personal information is involved.
When you use the ‘BCC’ field to send an email, the recipients can’t see each other’s email addresses. You can use this if the personal information you’re sharing isn’t sensitive and there’s little risk. But if your email may reveal sensitive information about the recipients, you should assess whether using other secure methods would be more appropriate.
Under data protection law, organisations must have appropriate technical and organisational measures in place to ensure personal information is kept safe and not inappropriately disclosed to others.
For further information please select the following link: Data storage, sharing and security | ICO