From next week UK organisations that lose sensitive data could be fined up to £500,000 by the Information Commissioner’s Office.
“These penalties are designed to act as a deterrent,” Information Commissioner, Christopher Graham said. Fines will be determined by an investigating a data loss and will take into account whether the loss was accidental, what effect an information leak had, and size and financial position of the organisation.
“When things go wrong, a security breach can cause real harm and great distress to thousands of people. I remain committed to working with voluntary, public and private bodies to help them stick to the rules and comply with the Act. But I will not hesitate to use these tough new sanctions for the most serious cases where organisations disregard the law.”
There are some steps that companies can take to show that they acted in good faith…
You can read more on the official press release (PDF file) from the UK’s Information Commissioner’s Office.
Related posts:
