Tomorrow the UK’s Information Commissioner’s Office (ICO) gets the power to fine businesses up to £500,000 for significant breaches of the country’s Data Protection Act.
News site V3.CO.UK quoted Information Commissioner Christopher Graham in January: “As citizens, we are increasingly asked to complete transactions online, with the state, banks and other organisations using huge databases to store our personal details. When things go wrong, a security breach can cause real harm and great distress to thousands of people.”
They also wrote that “The new powers have been welcomed by many in the industry, who have hitherto seen the ICO as a largely toothless watchdog.
“Jonathan Nugent, a solicitor with PricewaterhouseCoopers Legal, argued that they should help to tackle the threat of continued data breaches.”
Commentators said the new powers should prompt IT departments to seriously review their procedures to be sure they are in compliance with good data safety practices. Enterprises also should begin or expand employee training to be sure customer’s personal data is safeguarded.
The Commissioner’s Office was granted the fining power by action taken by the Secretary of State for Justice in January. Initial provisions for the power to impose fines were in a 2008 Criminal Justice and Immigration Act.
— Tom Kelchner