Dramatic increase in fines for breaching data protection law
How much attention do you pay to preventing the loss and misuse of personal data in your business?
Compliance with the Data Protection Act, which governs the handling of personal data, is even more of a hot topic these days, particularly because new powers, designed to deter personal data security breaches, are expected to come into force on 6 April 2010.
The Information Commissioner's Office (ICO), the body which oversees data protection compliance in the UK, will soon be able to order organisations to pay up to £500,000 as a penalty for serious breaches of the Data Protection Act. (The maximum fine is currently £5,000.)
The ICO will take various matters into consideration in determining whether a penalty is payable.
Increasingly, personal data misuse and loss are attracting headlines and the scrutiny of the ICO, and the increase in the maximum fine demonstrates that the ICO is being given a real boost to its power.
It is more important than ever to ensure that your organisation is complying with the Data Protection Act.
Essentially, under the Act, anyone who processes personal data must comply with eight principles, including ensuring that personal data is fairly and lawfully processed, processed for limited purposes, not kept longer than is necessary, and kept secure.
There are also restrictions on transfer of such data to other countries without adequate protection.
Non-compliance could now result in serious financial repercussions. We strongly recommend that an audit of your current practices is carried out and that changes are made to ensure compliance.
If you would like more information on a data protection audit for your business, or general data protection advice, please contact Kinnary Vyas on kinnary.vyas@harveyingram.com or call 0121 214 1206.