Hefty fines on horizon for breach of data protection.
Under The Criminal Justice & Immigration Act, which became law a few weeks ago, the Information Commissioner's Office (ICO) is given the power to impose substantial civil penalties on businesses that deliberately or recklessly breach data protection rules.
The move comes just weeks after the Information Commissioner revealed that nearly 100 security breaches were reported last year. These included lost laptops with unencrypted information as well as lost paper records, computer disks and memory sticks.
"Hardly a month has gone by in recent times without news of yet another high profile data security breach," said Caroline Egan, a data protection expert at Hammonds in Birmingham.
"And, until now, the powers of the ICO have been limited to issuing enforcement notices and naming and shaming offending companies.
"Under this new law the Information Commissioner has far greater powers at his fingertips to tackle companies and public bodies which don't go far enough to protect data.
"This should serve as a warning to organisations in the West Midlands."
As well as triggering serious new financial consequences, breaching data protection rules can also severely impact on a company's reputation.
Mrs Egan added: "Individuals who suffer financial loss as a result of a breach of the Data Protection Act can already sue the data controller for their loss and for distress caused.
"If there is a major security leak, allowing identity theft, the sums involved can be huge.
"And this is without calculating the impact of the loss of trust amongst customers and employees not to mention the high profile investigations carried out by the Information Commissioner.
"In the future, we are likely to see the ICO wielding its new powers to fine - a potentially crippling blow to some businesses.
"With the Commissioner looking to bare his new found teeth, and signal a clampdown on information security breaches, businesses would be very wise indeed to review their own internal security measures and data handling procedures to ensure they aren't the first to take the rap."
|Printer friendly Cite/link Email Feedback|
|Publication:||The Birmingham Post (England)|
|Date:||May 20, 2008|
|Previous Article:||Opticians D&A look into high-tech.|
|Next Article:||Cable firms pass phone companies in new customers.|