Brought to you by:

HSBC Insurance fined over lost data

The UK Financial Services Authority (FSA) has fined an insurance company’s operations £3.2 million ($6.4 million) for failing to protect the confidential details of tens of thousands of its customers.

HSBC Life UK, HSBC Actuaries and HSBC Insurance Brokers have all been fined for not having adequate systems and controls in place to protect data from being lost or stolen.

During its investigation, the FSA found unencrypted customer details had been sent by post or courier to third parties. Confidential information about customers was also left on open shelves or in unlocked cabinets.

In April 2007, HSBC Actuaries lost an unencrypted floppy disk in the post. It contained 1900 pension scheme members’ addresses, dates of birth and national insurance numbers.

Despite warnings by the HSBC compliance team, HSBC Life lost an unencrypted CD containing the details of 180,000 policyholders in the post in February last year.