ICO audit of Data sharing between the public sector and SAFOs
Published 16 April 2015
The ICO recently carried out an investigation and audit into data sharing between the public sector and SAFOs to prevent fraud.
SAFOs are organisations specified as such by the government under the Serious Crime Act 2007. They include Insurance Fraud Investigators Group (IFIG), the IFB and CIFAS.
Although this report is only directly relevant to the public sector, it contains a useful indication by the ICO as to what it considers good practice in sharing data with these organisations, which are relevant to all sectors, not least the financial services sector, sharing data for fraud.
- Ensuring data sharing with SAFOs is governed by agreements setting out agreed rules and standards;
- Agree retention periods with SAFOs to ensure personal data is not kept for longer than is necessary.
To view the publication, please click here.
What action could be taken to manage risks that may arise from this development?
Companies should note the good practice recommendations and follow them when sharing fraud data with SAFOs.