Information Commissioner goes after recruitment firms

The Information Commissioner's Office (ICO) is urging recruitment agencies to meet their obligations under the Data Protection Act.

The Information Commissioner's Office (ICO) is urging recruitment agencies to meet their obligations under the Data Protection Act

Under the Act, most organisations that process individuals' personal information electronically must notify with the ICO. Failure to notify with the ICO can result in prosecution and fines. 

Recently, the ICO has successfully prosecuted a number of organisations for failing to notify. These included a recruitment company which had to pay a £2,000 fine.

The ICO says its records indicate that approximately 50% of recruitment and employment agencies have not notified with the ICO, and are, therefore, not currently registered as data controllers. 

The ICO said it will soon begin taking further action against those that have failed to notify.

Simon Entwisle, chief operating officer at the ICO, said, "Compliance with data protection principles ensures that individuals' personal information is secure, accurate, up-to-date and processed fairly.
Failure to notify is a serious offence, and the ICO will not hesitate to take action against those organisations that flout the law in this way.”

Notification costs £35 per annum and is made directly to the Information Commissioner's Office, based in Wilmslow, Cheshire.

Spotlight on staff security risks as data watchdog probes C&W breach >>

The ICO >>

Comment on this article: [email protected]

Read more on IT risk management