Increased penalties for breaching Data Protection Act
Starting this week, the UK Information Commissioner's Office (ICO) will begin imposing fines up to £500,000 for violations of the country's Data Protection Act. From SC:
Speaking to SC Magazine last year, former Information Commissioner Richard Thomas said that ‘most insider incidents are accidental, but the damage can be very severe, with damage to the people whose data is compromised and to the company, leading to big fines, cost, reputational and share price damage all showing why it needs to be taken seriously'.
He also said that in the last couple of years of his time as the Commissioner, he had persuaded the government to increase the standing, power and resources of the office and this had led to the introduction of increased fines.
One recent example is an incident in which the Stoke-on-Trent City Council lost a USB stick containing confidential data from the social services department. The drive was not encrypted and exposed "records of foster carers, family court proceedings, parenting assessments and, child custody arrangements."