Advice from Wedlake Bell states filing cabinets containing personal data should be kept locked and access to keys only available to relevant staff.
Visitors to company premises should be signed in and out while being accompanied in areas normally restricted to staff, states the firm.
Jonathan Cornthwaite, a partner at the organisation, says: ‘Appropriate organisational measures may include training and monitoring staff members in relation to the security policy which the data controller should have in place.’
He adds that businesses should be prepared for security threats from inside a business. These may arrive via staff mistakes or deliberate misuse.
The police should also be contacted by a business which has had any important files or documents stolen.
Wedlake Bell is a law firm and is a member of the Federation Against Software Theft (Fast).