IT Governance warns on data breaches front

31 December 2009

Alan Calder, the chief executive of IT Governance, is warning organisations to prepare for a major new assault on breaches of data protection.

As business prepares to get back to normal in the new year, the governance specialist has said that companies need to act now to meet the increasingly strict requirements of the Data Protection Act compliance regime - or risk the wrath of the Information Commissioner's Office (ICO).

According to Calder, the planned new penalties are of unprecedented severity.

"From April 2010, the ICO expects to impose 25 monetary penalty notices every year for breaches of the DPA. Those fines could be as much as £500,000 each for serious contraventions", he said.

"Any company, or organisation, failing to take reasonable measures to comply will be in the firing line. There could even be prison sentences for deliberate, or negligent, customer data leaks by individuals within an organisation", he added.

Calder went on to say that, as an absolute minimum, organisations should carry out a Data Protection Act compliance audit to establish what work is necessary and the associated lines of responsibility, as well as executing a risk assessment around the storage and processing of personal data.

To help organisations meet their requirements, Calder's company is launching the IT Governance Complete Data Protection Toolkit, which is billed as combining a compliance assessment tool, compliance documentation toolkit and data protection compliance in a series of pocket guides.

"All UK organisations that hold or process personal data must comply with the Data Protection Act. If you're not really sure if your business is compliant, there is every chance you are far short of the legal requirements", he explained.

 

This article is featured in:
Compliance and Policy

 
