A survey published in conjunction with this week's UK National Identity Fraud Prevention Week has revealed that many workers feel their firms are not doing enough to protect sensitive documents.

The survey found 75% of workers felt their organisations could do more to protect their customers' sensitive information, and 36% were unsure if their company had a policy in place on handling potentially sensitive documents.

Away from the workplace, the survey found that 64% of people admitted failing to shred sensitive personal documents at home, while 12% said they used the internet without having any security software in place.

Matt Hampton, chief technology officer at IT solutions company Imerja, said, "It is concerning that despite massive media attention surrounding data losses and several government warnings, more than a third of employees apparently still do not know whether their organisation has a policy in place on handling potentially sensitive documents."

In a lot of cases, he said, the problem isn’t the absence of IT security measures, but the lack of staff education in implementing them. "If guidelines aren’t put into practice and properly enforced, an IT security policy isn’t worth the paper it is written on," said Hampton.

Roger Rawlinson, managing director for the assurance division of NCC Group, said, “The average fine for breaching the Data Protection Act is around £10,000 to £20,000, which could spell the end for many businesses right now.

"It is downright worrying that three quarters of the workers surveyed felt their organisations could do more to protect customers' sensitive information – if the employees have no confidence in their own business practices, how can we?"