With the recent story of Barnet council losing a USB stick containing unencrypted data on children in the area still fresh in our minds, from this week, these sort of slippages are going to be punished more severely.
Serious security breaches of the Data Protection Act will be liable to a fine of up to £500,000, depending on the seriousness of the error.
The more weighty financial penalty comes into play tomorrow. Previously, the maximum fine was just £5,000, which did seem rather on the light side, and not much of a deterrent for those being careless with people’s precious details.
The Information Commissioner’s Office will impose the fines, and Information Commissioner, Christopher Graham, commented: “Getting data protection right has never been more important than it is today. As citizens, we are increasingly asked to complete transactions online, with the state, banks and other organisations using huge databases to store our personal details.”
“When things go wrong, a security breach can cause real harm and great distress to thousands of people. These penalties are designed to act as a deterrent and to promote compliance with the Data Protection Act.”