Employers need to take greater steps to tackle data protection breaches, the Information Commissioner’s Office (ICO) has warned.
Employers need to take greater steps to tackle data protection breaches, the Information Commissioner’s Office (ICO) has warned.
More than 1,000 Data Protection Act breaches have been notified to the ICO since November 2007. The majority of breaches are due to human or technical data, for example, staff disclosing data to the wrong people. The ICO is therefore urging organisations to ensure staff are adequately trained in the handling of personal data, and there are clear security and disclosure procedures in place which can be properly implemented and complied with.
On 6 April, the ICO was given new powers to fine organisations up to £500,000 for serious data protection breaches.
Tom Morrison, partner, commercial and IP, Rollits LLP, says: “In tough economic times businesses are understandably keen to find ways to save costs.
“It is important that the key decision makers within private businesses and public sector organisations are able to assess the risks associated with cutting back on training. The savings achieved will quickly pail into insignificance if a lack of training results in a data protection breach. The ICO points to its ability to issue fines, however it seems that the greater risk remains that of long-term damage to an organisation’s hard won reputation.”
