BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Half a million pound penalty introduced for personal data security breaches by the Information Commissioner's Office

From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Tue, 26 Jan 2010 00:19:38 -0500
http://www.scmagazineuk.com/half-a-million-pound-penalty-introduced-for-personal-data-security-breaches-by-the-information-commissioners-office/article/161159/

A £500,000 penalty has been introduced by the Information
Commissioner's Office (ICO) for personal data security breaches.

As revealed by SC Magazine last year, there are plans to increase the
punishing powers of the ICO and an announcement revealed that it will
be able to order organisations to pay up to £500,000 as a penalty for
serious breaches of the Data Protection Act.

The ICO has produced statutory guidance about how it proposes to use
this new power, which has been approved by the Secretary of State for
Justice, and was laid before Parliament yesterday.

Information Commissioner Christopher Graham said: “Getting data
protection right has never been more important than it is today. As
citizens, we are increasingly asked to complete transactions online,
with the state, banks and other organisations using huge databases to
store our personal details.

“When things go wrong, a security breach can cause real harm and great
distress to thousands of people. These penalties are designed to act
as a deterrent and to promote compliance with the Data Protection Act.
I remain committed to working with voluntary, public and private
bodies to help them stick to the rules and comply with the act. But I
will not hesitate to use these tough new sanctions for the most
serious cases where organisations disregard the law.”

Chris McIntosh, CEO of Stonewood, said: "This decision to grant the
right for the ICO to impose penalties of up to half a million pounds
for serious breaches of the DPA is great news, as it shows the
Government is finally starting to take data loss more seriously.”

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php
Previous By Date Next
Previous By Thread Next

Current thread: