Good question and, going by the news today, the answer is a resounding: "NO!"
What a bunch of incompetent, bumbling idiots!!
Ignoring the fact that the first thing they have done is to blame a junior - who, lets face it, would have been told what to do by someone senior anyway - this type of data should never, never, never be left floating around on disks or mobile devices.
And I mean, NEVER!!
This is the type of data that should be stored in a centralised location under a strict security regime, with strict access and usage protocols.
Anybody else find it interesting that the preliminary of the UK Data Protection Act 1998 (c. 29)*, under section 2 Sensitive Personal Data, doesn't cover your personal financial data??
The following is extracted directly from preliminary of the above site:
Is there another act for the protection of personal financial data? Certainly the banks are criticised when they dump personal banking details without shredding them first, but what are the guidelines? Does anyone know?
Sorry for the rant ... grumpy today!