Businesses need to be aware that many second-hand disc drives contain sensitive information that could leave former owners open to prosecution, new research from BT suggests.

Researchers bought 300 discs in the UK, Australia, North America and Germany from various computer auctions and fairs, and online, and found that nearly four out of ten contained details that could embarrass previous owners or get them into serious trouble.

The data included salary details, company financial data, bank account details, hospital records, pornography, and online purchasing details.

This demonstrates the risk at which both companies and individuals are put at from the disposal of disc drives, underlining the need for robust IT support.

BT's Andy Jones questioned why firms were not thoroughly destroying data, given that they were aware of the problem.

"When organisations dispose of surplus and obsolete computers and hard discs, they must ensure that adequate procedures are in place to destroy any data and also to check that the procedures that are in place are effective - whether they are handled by internal resources or through a third party contractor," he said.

In other words, when outsourcing this work to others or doing it themselves, managers need to be vigilant.

In a recent survey of SMEs for Connect, the two most important benefits of outsourcing were 'guaranteed response times' and 'allowing in-house IT staff to concentrate on more strategic issues'