11 Nov 2009
The Information Commissioner's Office (ICO) today warned data controllers that it would soon be taking tougher action to curb what it called unacceptably high levels of data theft.
Speaking at an event for data controllers, deputy information commissioner David Smith said that of 711 reports about security breaches sent to the ICO in the past two years, 231 were related to theft.
Smith urged firms to tighten up their security measures and practices, warning them that failure to do so would mean risking hefty fines.
“Since November 2007, we have taken action against 54 organisations for the most reckless breaches... These breaches would trigger a significant fine for organisations were they to occur after the introduction of monetary penalties in 2010," he said.
"We are keen to encourage organisations to achieve better data protection compliance and we expect that the prospect of a significant fine for reckless or deliberate data breaches will focus minds at board level.”
The ICO is also looking to extend its role as an auditor, in a move that should encourage greater adherence to its rules.
Mick Gorrill, the assistant commissioner with responsibility for investigations, added, “People’s data has a value. Many breaches are avoidable and are often the result of poor management processes."
Latest stories from Privacy
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
JavaScript / HTML5 Developers required to join a hugely...
Embedded Engineers with experience of developing consumer...
ASP.NET, C#, VB - SENIOR DEVELOPER, LUTON, BEDFORDSHIRE...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Marc Hocking, CTO Becrypt
The recent statement from the Information Com missioner?s Office that levels of UK data loss are ?too high? yet again reinforces the need for organisations to ensure that they treat data with due care and diligence. It is essential to ensure that the right technology solutions are put in place. The proposed £500,000 fines may be an effective wake-up call for businesses, but an Information Assurance policy will not appear overnight. Implementing technology is important, but it is key to remember that there is more to the problem than this. Companies need to sew the importance of data protection and information assurance into the very fabric of the company; there needs to be education for employees, as well as regular updates to security policy. Businesses need to ensure they don?t use a band-aid to cover the potential bullet-hole of data loss.
Posted by: Marc Hocking 12 Nov 2009