According to documents released by the Information Commissioner’s Office (ICO) it is likely that data controllers could be issued with monetary penalties of up to £500,000 for breaches of the data protection act from the 6th April 2010.
The heaviest fines will be issued where contravention is likely to cause substantial damage or substantial distress. In addition the data controller must have known or ought to have known that there was a risk that a contravention would occur and failed to take reasonable steps to prevent it.
“Good data controllers will know not to overreact to this news. They will already have procedures to properly handle personal data in accordance with the Act” says Stephen Hoare, Kensington’s Security Business Development Director.
The ICO expects all data controllers to take reasonable steps to prevent contravention. “Having appropriate policies, procedures, practices or processes in place is great but they need to be embraced and implemented by the whole organisation” adds Hoare.
To maximise the effectiveness of data controllers that are working hard to protect data with passwords and encryption software, organisations and staff need to recognise that laptop theft is often the cause of network attacks and breaches and take steps to minimise the risk of laptop theft in the first place.
Common sense policies combined with an office culture that fosters and expects security lock usage can be quickly implemented by adopting the principles set out in Kensington’s Corporate Security Policy. The policy is written by research analysts IDC and can be easily implemented by organisations large and small.
Hoare concludes: “Organisations will find that the policy document can be the catalyst of cultural change to safeguard itself, its employees and its customers against the chain reaction of disastrous events that can be triggered by the optimistic theft of an unprotected laptop.”
Kensington were proud to support the Council of Europe’s Data Protection Day in January when it officially announced it’s Logon-Lockon campaign. Visit the campaign microsite to download Kensington’s Corporate Security Policy.
Free Security Policy Download:
More information about Kensington LOGON-LOCKON campaign:
More information from the ICO
More information about the Data Privacy Day initiative:
Kensington Press Contact:
Tel: + 48 (0) 662 74 92 96
Fax: + 48 (0) 22 570 18 16