Safer Places of Worship

Data Protection & Data Security

The storage of data whether on paper or digital often includes personally identifiable information. Your place of worship has a duty to keep any personal data it holds secure and ensure that it is used appropriately.

This page outlines the requirements for handling data and keeping it protected.



With effect from 25 May 2018 data protection legislation has changed.

Our data protection page is currently being updated.

More information may be found by visiting the Information Commissioners Office website www.ico.org.uk

www.ico.org.uk

Data security is the practice of keeping data protected from corruption and unauthorised access. The focus behind data security is to ensure privacy while protecting personal or corporate data.

Data is the raw form of information stored on our computer databases, networks and files. Data can be anything of interest that can be read or otherwise interpreted in human form.

Why must you keep data secure?

The security of stored data can be threatened by acts such as:.

  • hacking - malicious people might gain access to your systems and alter or delete data;
  • viruses - programmes that are created to cause a nuisance or damage computer systems;
  • fraud - theft of sensitive data such as employee records or valuable intellectual property by hackers or even your own employees;
  • data loss - caused by any of the above or by loss of hardware - e.g. loss or theft of a laptop.

All of these threats have the potential to disrupt and cause damage to the running of your place of worship.

Computer and data security measures

  • undertake a risk assessment and review security. It is good practice to do this when there is a change in circumstances such as when new equipment is purchased or existing equipment is relocated;
  • it is advisable to ensure that computers and all sensitive data are protected by a password. Passwords should be as long as possible (usually eight characters minimum) and the password should contain numbers and letters. It is not advisable to use car registration numbers, dates of birth, pet names and other passwords that can easily be guessed. If you leave the computer on, using a password-protected screen saver can offer further protection;
  • installing and maintaining up to date anti-virus software and firewalls;
  • ensuring computer data is regularly backed up and copies maintained off site;
  • control the use of the internet, downloading software, use of data encryption and memory sticks of any person using the computers;
  • where possible avoid positioning computer equipment in view or by easily assessable windows;
  • ensuring users do not leave equipment unattended in public areas of the church or when working away from the premises;
  • ensuring users don't leave equipment in unattended vehicles, or walk through streets with items such as laptops in recognisable laptop bags;
  • maintain a list of all serial numbers and installed locations of computer equipment;
  • avoid advertising the arrival of new equipment by not leaving packaging in grounds;
  • producing a ‘Business Continuity Plan' (BCP) to assist in getting computer systems quickly back to normal after any security breach or loss.