Just in case any organisations, big or small – public or private, still think that they can be cavalier about individual's Personal Information, these few extracts may convince you that you need to embrace the 'user-driven' principles of VRM immediately.
- Monetary penalties of up to £500,000 could be levied on businesses and other
organisations that breach the Data Protection Act. The new powers granted to the
ICO are expected to come into force on 6 April 2010.
- Christopher Graham has called for custodial sentences as a deterrent to stop the
trade in unlawful personal information. The Information Commissioner said the
'existing paltry fines for Section 55 offences' were not enough to stop people
from engaging in such lucrative criminal activity. He added: "The threat of
jail, not fines, will prove a stronger deterrent."
- The ICO will have the power to audit government departments without their
consent from April 2010. The move follows the passage of the Coroners and
Justice Act on 12 November 2009.
- Failing to pay a £35 fee has led two recruitment firms to incur fines and costs
of more than £2,500. An accountancy firm from Newcastle-under-Lyme was also prosecuted and had to pay
a fine and costs of more than £1,700.
- Over 100 data breaches were reported to the Information Commissioner's Office
in the final quarter of 2009. That brings the total number to 818 data breaches
since November 2006. Key concerns are the extent to which portable media containing unencrypted
personal information are still being lost or stolen and the number of data
breaches in the NHS. From April those who continue to be reckless or negligent
about the encryption of portable media will run the risk of financial penalties.
Concerns about the NHS have been raised with the Dept of Health.
- A new plain-English guide to data protection has been produced by the ICO.
The guide uses practical business-based examples to help businesses and
organisations to safeguard personal data and comply with the law. Information Commissioner Christopher Graham added: "There are still too many
organisations playing fast and loose with personal data. Security breaches,
inaccurate records and instances of data being held for too long are too common.
This new guide will help organisations comply with the law and demystify data
protection." To view the guide on the website go to: http://www.ico.gov.uk/for_organisations/data_protection_guide.aspx
Don't hesitate to contact me to evaluate how it can reduce costs and facilitate compliance.