Take care of data or face ICO fines

From today, the Information Commissioner's Office (ICO) can serve a Monetary Penalty Notice with fines up to £500,000 for a serious data breach.

Under Section 55A of the Data Protection Act 1998, the ICO can impose a fine if there has been a serious contravention of data protection principles by a data controller and the contravention could cause substantial damage or distress.

Fines will be determined by:

  • Seriousness of contravention.
  • Nature of personal data involved.
  • Duration and extent of contravention.
  • Number of individuals actually or potentially affected by the contravention.
  • Matter of public importance.

According to the ICO, fines are more likely to be imposed if an organisation has failed to take reasonable steps to prevent the data loss, for instance if it has not established adequate procedures, processes and practices to reduce data loss and there are no clear lines of accountability.
