P45 sent via e-mail unencrypted

Jack1991

Definitely not good practice, anything with personal information should be encrypted its really not hard.
At my my work we have local authorities complaining when we send encrypted documents " to hard to enter a password...." the documents contain things like NI numbers bank account details I dont think people realise the penalties if something goes wrong.

Undervalued

Mersey wrote: »

It'd be a DPA breach - reportable to the ICO - if they'd accidentally emailed it to someone else; but, not yourself, as you'd requested the P45.

Exactly, IF they had. However the OP has no evidence that has happened.

I agree with some of the other posters it is not good practice. A bit like leaving your house unlocked by accident but, despite that, not getting burgled!

getmore4less

sangie595 wrote: »

OP appears to have a thing about the information people hold/use/publish.

What are the unscrupulous individuals doing with access to your email - have you been careless with your security?

email is an insecure method of transmission as it is a store and forward that can use intermediate points often multiple hops.

you have control over your client end and a server if you have one but most use a service.

access to the content is outside your control.

KiKi

Any personal data being sent outside internal servers really should be password protected or encrypted for DPA reasons, with any passwords sent in a separate email, but it's not the law. At worst, they've not followed their own procedures.
KiKi

steampowered

I regularly send confidential documents for deals worth millions via email. As does everyone else in the finance world. Encryption is not common place and not required.

daytona0

It depends what your job was..


If you were a high-ranking government agent, or a member of MI5, then I'm completely on your side. But if you are talking about a private company (even as big as google) then what is the difference between email and post here?!

Also, I've scoped out your previous post history... In 2013 (3 years ago!) you were curious about what data 192 and other companies held about people... That has either been bred into you by a company, or is a pet subject of yours. I would be curious to know which it is

Ronaldo_Mconaldo

if it was sent by email then it was encrypted.

paddyrg

steampowered wrote: »

I regularly send confidential documents for deals worth millions via email. As does everyone else in the finance world. Encryption is not common place and not required.

Just a tip - start looking at actually encrypting stuff. The fact that you haven't hit problems so far doesn't mean good practice should be discarded.

If you're in high finance for a proper company you might find there's a lot of TLS encryption been put in place for you, to protect you from yourselves. An SMTP email leaves a copy of itself on every hop along the way - that could be 30 copies of your valuable email in places you don't control.

glennevis

Ronaldo_Mconaldo wrote: »

if it was sent by email then it was encrypted.

Rubbish. You must be confusing encoding with encryption.