Data Protection – Have you Protected your Business ?
Data Protection Regulations affect every business and their handling of all private data which comes their way. Many business owners are not aware of these effects, even though the consequences of not following the regulations can damage their business.
This is a matter that every business needs to take seriously, especially after the recent fines imposed by the Information Commissioner on those who breached the regulations.
Recent Fines Ordered by the Commissioner:
This is the first time that the Commissioner has imposed monetary penalties for breaching the Data Protection Act 1998, intending for this to send a strong message to businesses that they must take data protection seriously.
The two cases were:
- Employees in the Hertfordshire County Council childcare litigation unit faxed highly sensitive personal information to a member of the public by mistake. It was found by the Commissioner that the Council failed to take sufficient steps to reduce further similar breaches. The Council was fined £100,000.
- An Employment Services company lost an unencrypted laptop containing personal data relating to 24,000 people who used community legal advice centres in Leicester and Hull. The laptop was taken by an employee working from home and was stolen shortly afterwards where they attempted, unsuccessfully, to access the information stored on the computer. The Commissioner fined the company £60,000.
Powers of the Commissioner to Impose Penalties:
If your business seriously breaches the principles set out in the Data Protection Act 1998 and accompanying regulations, and this breach is likely to cause substantial damage or distress, the Information Commissioner could fine you up to £500,000.
To make such a finding against you, the Commissioner must be satisfied that you knew or ought to have known about the breach and that it would cause such damage and distress, yet you failed to take any reasonable action to prevent it.
Action you can Take:
To protect yourself from a breach, data loss or leak of confidential information, or to mitigate the potential for a fine or other legal problem, it is advisable that you take legal advice and specialist IT security advice on prevention.