John Wicks
CANSFORD LABS
Data security in drug testing: the real importance of email encryption
on Jan 28, 2020
By the very nature of our work at Cansford Labs, we deal with highly sensitive and personal client information. Protecting the security of that data is a legal responsibility that we don’t take lightly.
Email encryption reassures our clients that we take their data security seriously. In fact, by sending out unsecured emails we would be breaking the General Data Protection Regulation (GDPR) and going against specific recommendations we have been given by the Information Commissioner's Office (ICO).
Here, we explain in detail why ensuring data security is vital to offering a first-rate, reliable and legal service to clients.
The sensitive nature of drug testing
The results of a drug test - even the fact that an individual has been asked to take a drug test in the first place - can have a huge impact on the individual’s life if the information ends up in the wrong hands. And since May 2018, we’ve had further legislation to comply with in the form of GDPR.
- You may like: Conflicting drug test results: what next?
The GDPR requires organisations of all types and sizes to implement the appropriate technical and organisational measures required to process personal data securely. Personal data, in this case, is anything that could cause an individual to be identified. First and foremost, as a “data controller” with a strong sense of the trust placed in us by clients, we are not willing to take any risks with sensitive data.
"It’s vital that we implement the most secure measures possible."
Secondly, it is our legal responsibility to decide how we best implement the regulation within our company. A failure to do so would not only put our clients’ data security at risk, but would potentially land us with a sizeable fine and damage our reputation. As such, it’s vital that we implement the most secure measures possible.
Our own internal databases are incredibly secure. But we also need to ensure that any data we transfer either internally or to lawyers and workplaces with whom we work is sent and received in a way that its security cannot be compromised. And for this, email encryption is our chosen solution.
Why email encryption works
Billions of emails that are sent and received every day could, in theory, be intercepted and read by a third party - not necessarily a human, but a bot that can look out for key pieces of personal information contained within an email to decide whether the contents are worth harvesting.
"At Cansford Labs, we are committed to keeping client data secure."
At Cansford Labs, we are committed to keeping client data secure, and because we use email as our preferred method of transfer, encryption is the best and most secure way to do this.This necessarily means that the recipient must use a password to open the email. Yes, this adds an extra step to the process of reading the mail, and, on rare occasions, clients have commented that this can seem inconvenient.
But we’re sticking to our guns! The Information Commissioner’s Office has highlighted to us that they have seen numerous incidents of personal data being subject to unauthorised or unlawful processing, loss, damage or destruction. They also state that, in many cases, the damage and distress that such incidents have caused could have been reduced - or even avoided - had this personal data been encrypted. Companies can also face substantial financial penalties for not properly securing personal data.
In many cases, the damage and distress caused by these incidents may have been reduced or even avoided had the personal data been encrypted. By failing to encrypt email communications about client drug tests, other laboratories will find themselves in breach of GDPR - and at risk of seriously compromising their clients’ personal data.
We recognise the irritations that encryption services bring and we are actively trying to identify better solutions. However, while encryption may make email communications a little more time-consuming and more complicated, the benefits clearly outweigh the negatives. Our commitment to service excellence underpins everything that we do - and that includes making sure that our customer data remains safe, secure and uncompromised.
For drug and alcohol testing with secure, GDPR-compliant results, contact us to find out how we can help.
John Wicks
John Wicks is one of the UK's leading experts in drug testing and has been for over 25 years. He is CEO and co-founder of Cansford Laboratories, a drug and alcohol testing laboratory based in South Wales. John is one of the ‘original expert minds’ who alongside co-founder Dr Lolita Tsanaclis, is responsible for bringing hair testing to the UK.