Take care of data or face ICO fines


Take care of data or face ICO fines

Cliff Saran

From today, the Information Commissioner's Office (ICO) can serve a Monetary Penalty Notice with fines up to £500,000 for a serious data breach.

Under Section 55a of the Data Protection Act 1998, the ICO can impose a fine if there has been a serious contravention of data protection principles by a data controller and the contravention could cause substantial damage or distress.

Fines will be determined by:

  • Seriousness of contravention.
  • Nature of personal data involved.
  • Duration and extent of contravention.
  • Number of individuals actually or potentially affected by the contravention.
  • Matter of public importance.

According to the ICO, fines are more likely to be imposed if an organisation has failed to take reasonable steps to prevent the data loss. For instance, if it has not established adequate procedures, processes and practices to reduce data loss and there are no clear lines of accountability.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy