In April 2010 the Information Commissioner (“the IC”) received new powers which allowed it to fine organisations up to £500,000 for breaches of the Data Protection Act 1998 (“the DPA”). With the IC using its greatly enhanced powers and the Financial Services Authority cracking down on financial service businesses that fail to preserve customer data, data security is high on the agenda.
The IC has published a Code of Practice - applicable to public, private and third-sector organisations - to explain how the DPA applies to the sharing of personal data and what constitutes good practice.
For more information, the Code is available from the Information Commissioner’s Office website: www.ico.gov.uk
The risks of any fines or breaches under the DPA is to conduct a data protection audit. We have established a cross-office, cross-discipline team of experts in data protection matters and will be issuing regular updates on the topic as well as various specialised products and data security audits to our clients. We can offer an audit conducted in line with the methodology set out in a Government approved audit manual, but tailored to meet your individual business requirements.