Information Commissioner goes after recruitment firms
The Information Commissioner's Office (ICO) is urging recruitment agencies to meet their obligations under the Data Protection Act.
The Information Commissioner's Office (ICO) is urging recruitment agencies to meet their obligations under the Data Protection Act.
Under the Act, most organisations that process individuals' personal information electronically must notify with the ICO. Failure to notify with the ICO can result in prosecution and fines.



From forensic cyber to encryption: InfoSec17
Security technologist Bruce Schneier’s insights and warnings around the regulation of IoT security and forensic cyber psychologist Mary Aiken’s comments around the tensions between encryption and state security were the top highlights of the keynote presentations at Infosecurity Europe 2017 in London.
Recently, the ICO has successfully prosecuted a number of organisations for failing to notify. These included a recruitment company which had to pay a £2,000 fine.
The ICO says its records indicate that approximately 50% of recruitment and employment agencies have not notified with the ICO, and are, therefore, not currently registered as data controllers.
The ICO said it will soon begin taking further action against those that have failed to notify.
Simon Entwisle, chief operating officer at the ICO, said, "Compliance with data protection principles ensures that individuals' personal information is secure, accurate, up-to-date and processed fairly.
Failure to notify is a serious offence, and the ICO will not hesitate to take action against those organisations that flout the law in this way.”
Notification costs £35 per annum and is made directly to the Information Commissioner's Office, based in Wilmslow, Cheshire.
Spotlight on staff security risks as data watchdog probes C&W breach >>Comment on this article: computer.weekly@rbi.co.uk
Read more on IT risk management
-
Why businesses must think like criminals to protect their data
-
Security Think Tank: Use awareness, education and controls to halt cryptojacking
-
Security Think Tank: Awareness is a good starting point to counter fileless malware
-
Security Think Tank: Human, procedural and technical response to fileless malware
Start the conversation
0 comments