External Communication to Third Parties

Size: px

Start display at page:

Download "External Communication to Third Parties"

Curtis Melton
8 years ago
Views:

1 External Communication to Third Parties Egress Software Technologies Ltd Unit 16 Quadrant Business Center, 135 Salusbury Road, London, NW6 6RJ T: +44 (0) / F: +44 (0) / E: info@egress.com

Center, 135 Salusbury Road, London, NW6 6RJ T: +44

2 External Communication to Third Parties Egress do recommend that you make your clients and partners aware of the new measures and/or procedures your organisation is going to adopt when sharing confidential information and more importantly, what clients will need to do in order to access encrypted information. The following processes include: Distribute notification or announcement via to send to customers and clients. Provide support material such as online resources, web tutorials, online videos and user guides. Provide additional support material e.g. Recipient Quick Start Guide for recipients that wish to send encrypted data back to your users - Covers the full range of information that will be required by the end-user to operate and use Egress Switch. Arrange on-site Egress Switch workshop - The purpose of the workshop is to provide an overview of Egress Switch and Q&A session to key clients and third-parties. This will provide awareness of the product's usage and why. Some example notification templates are shown as follows (please note the text is normally placed inside a company branded /letter): 2

The following processes include: Distribute notification or announcement via email to send to customers and clients.

3 Sample 1 - External Notification On the 6th April 2010 the Information Commissioners Office (ICO), who are responsible for ensuring the Data Protection Act in the UK is adhered to, have had their powers extended and the maximum fine for a data breach has been increased from 5,000 to 500,000. In a statement released, the ICO have further clarified one area which has relevance to the way we exchange information between us; "The loss of personal data transferred in an unencrypted form will be treated as a serious breach and enforcement action will be taken". The relationship that we have with you is extremely important to us, and whilst the risk of the loss of data is extremely small it is something that we take very seriously. As a result of these announcements, from the [insert date] we will now only exchange (send to you) sensitive data in an encrypted form using software from Egress Software Technologies. In order for you to un-encrypt the message or information, you will not be required to install any software onto your PC, but you will need to set up an account at Egress. The benefit of us introducing this software to you is that you can download from the website a full copy of the software at no charge allowing you to send unlimited encrypted s back to us totally free. By encrypting the information you send to us you will also be meeting your legal obligations under the Data Protection Act in your capacity as Data Controller. Egress Switch is very simple to install and use, so please do not hesitate to contact them in the first instance. Alternatively please come direct to either myself or [enter contact here] who would be happy to help and answer any questions you may have, we can both be reached on: xxx-xxxx-xxxx X 3

In a statement released, the ICO have further clarified one area which has relevance to the way we exchange information between us; "The loss of personal data transferred in an unencrypted form will

4 Sample 2 External Notification [COMPANY NAME] take information security seriously. Client data and client confidentiality is at the heart of everything we do and with the ever increasing media reports of the increase in online fraud and data loss in the UK, we have reviewed our own approach to information security. We have decided to introduce some new simple and free to use data encryption measures which will ensure the transfer of electronic data between you and us is now even more secure. It will help us both comply with legal and professional regulations and puts [COMPANY NAME] firmly at the forefront of best practice amongst accountants. No business can afford to ignore the financial and legal consequences of a breach in the security of the information it keeps, nor the impact upon its reputation amongst customers, suppliers, employees and the wider business community. The Information Commissioners Office has a wide range of powers at its disposal to enforce the Data Protection Act These range from assessments and enforcement notices through to fines up to 500,000. Although the Act concerns itself primarily with the protection of personal data, as part of our ongoing review of our information security arrangements, [COMPANY NAME] is now using encryption software to protect commercially sensitive client information as well as personal data. We are also encrypting personal or commercially sensitive client data where it is occasionally necessary to store it on portable devices such as laptops, CD/DVDs and USB keys or when transferring it using FTP sites. We have chosen a solution called Egress Switch because:- It s free - you can receive encrypted s from us and send encrypted s back to us for free. It s incredibly easy to use anyone can download it and it s as easy to use as opening a file. It s incredibly easy to download you don t need admin rights and it works on a wide range of platforms. You can control access through policies, time-outs, revocations and other methods for even greater control. You can encrypt data before storing it on portable devices so your data is secure if you lose a USB stick. Quick to deploy and low cost when you are ready to encrypt your own data. This FREE solution will help us both take effective measures to secure your information. Its common sense and we hope it becomes a standard in use by all businesses. <INSERT COMPANY NAME> 4

5 Sample 3 External Notification As your <accountants, legal firm, etc> we take the security and confidentiality of our client s data extremely seriously. From the 6 th April 2010, the Information Commissioners Office (ICO) has increased powers including the ability to levy fines of up to 500,000. As such, we have decided to introduce data encryption measures in accordance with the latest recommendations from the ICO which will ensure the protection of confidential information sent by , CD/DVD, or uploaded to FTP/Cloud servers. This new service will ensure that we both comply with the legal and regulatory requirements when exchanging commercially confidential and / or personal information as defined by the Data Protection Act. More importantly, this service is available to you at no cost as we have arranged with our supplier, Egress Software, that you may encrypt messages and attachments with no limitations to size or frequency when sharing information with <INSERT COMPANY NAME>. For more information explaining how to use the software please refer to the attached document. Additionally, if you have any questions or require assistance getting set up please contact <INSERT CONTACT DETAILS> <INSERT COMPANY NAME> 5

As such, we have decided to introduce data encryption measures in accordance with the latest recommendations from the ICO which will ensure the protection of confidential information sent by email,

MANAGED PAYROLL SERVICE

MANAGED PAYROLL SERVICE Managed Payroll Service The Payplus Managed Payroll Service is ideal for businesses who wish to completely outsource the management of their payroll administration. This service