Dealer management system and car dealer website provider Dragon2000 share their tips for car dealers and garages to reduce data security risks, in light of the recent ICO prosecution resulting in a 6 month jail sentence for a rogue motor trade employee who stole data from his employer.
We’d all like to think that none of our employees would even dream of doing such a thing, but unfortunately it does happen.
Although individuals can be prosecuted for deliberately stealing your customers’ data, don’t be fooled into thinking your business will be absolved of any responsibility in such circumstances. If the ICO determine you hadn’t put processes and procedures in place to reduce the risk of data breaches and actions of rogue employees, you could still face a hefty fine under GDPR.
Here are some tips that we shared during our GDPR Awareness Events back in March and April this year, relating to car dealer and garage employees and data security:
- Ensure all your staff and subsequent new employees are educated on the seriousness of data protection, and explain your business policies and procedures (which your company will have defined in complying with GDPR) which they must adhere to.
- If you hadn’t already in the run up to the GDPR implementation, update your employment contracts to make clear what is expected of employees regarding data protection. Their agreement to it will make action easier should they breach the rules and also shows you put measures in place to help to prevent misuse of your customer data.
- Remind employees that they can be prosecuted as an individual if they deliberately obtain personal data without permission – and face fines or even a prison term.
- Make sure all employees have their own individual logins for any of your systems containing personal customer data. Change passwords immediately if it is suspected they have been shared/compromised.
- Personalise employee login permissions to only give access to areas of your systems and types of data that is required for the employee to perform their role.
- Do not allow employees to give their login credentials to their colleagues. This will avoid accountability issues and potential misuse.
- Revoke logins for all of your systems for ex-employees upon them leaving, do not leave them live for someone else to use.
Our DragonDMS has easily configurable login permissions to help you keep your data secure. Talk to our team today on 01327 222 333 or email firstname.lastname@example.org to find out how our software, APPraise mobile app and our Car Dealer Websites can help you increase profits and reduce costs.