11 Nov 2009
The Information Commissioner's Office (ICO) today warned data controllers that it would soon be taking tougher action to curb what it called unacceptably high levels of data theft.
Speaking at an event for data controllers, deputy information commissioner David Smith said that of 711 reports about security breaches sent to the ICO in the past two years, 231 were related to theft.
Smith urged firms to tighten up their security measures and practices, warning them that failure to do so would mean risking hefty fines.
“Since November 2007, we have taken action against 54 organisations for the most reckless breaches... These breaches would trigger a significant fine for organisations were they to occur after the introduction of monetary penalties in 2010," he said.
"We are keen to encourage organisations to achieve better data protection compliance and we expect that the prospect of a significant fine for reckless or deliberate data breaches will focus minds at board level.”
The ICO is also looking to extend its role as an auditor, in a move that should encourage greater adherence to its rules.
Mick Gorrill, the assistant commissioner with responsibility for investigations, added, “People’s data has a value. Many breaches are avoidable and are often the result of poor management processes."
Latest stories from Privacy
Related videos
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Application Security SME, Penetration Tester / Ethical...
Java Developer Thomas Cook Online is the business unit...
Contract Systems Administrator, Southampton My...
PHP Web Developer required to join my market-leading...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Marc Hocking, CTO Becrypt
The recent statement from the Information Com missioner?s Office that levels of UK data loss are ?too high? yet again reinforces the need for organisations to ensure that they treat data with due care and diligence. It is essential to ensure that the right technology solutions are put in place. The proposed £500,000 fines may be an effective wake-up call for businesses, but an Information Assurance policy will not appear overnight. Implementing technology is important, but it is key to remember that there is more to the problem than this. Companies need to sew the importance of data protection and information assurance into the very fabric of the company; there needs to be education for employees, as well as regular updates to security policy. Businesses need to ensure they don?t use a band-aid to cover the potential bullet-hole of data loss.
Posted by: Marc Hocking 12 Nov 2009