Monday, 21 March 2016 09:10

Protect personal data to avoid a fine from the ICO

The Information Commissioner's Office (ICO) has the power to fine companies that fail to follow the Data Protection Act. Fines can be up to £500,000.

A recent report from the ICO listed common failings. They include:

  • Employment contracts are missing suitable clauses to cover data protection and information security
  • Lack of formal policies and procedures for protecting data
  • Little formal training or awareness of what needed to be done
  • Lack of awareness about security controls such as encryption
  • Lack of controls over paper records and IT systems containing sensitive data
  • Lack of information for individuals about how personal data was going to be processed
  • Personal data was kept for longer than necessary, and retention schedules were not defined
  • Where CCTV was used, there were no adequate notices to inform individuals that CCTV was in operation on the premises

Companies need to consider both their paper and digital information, along with the related process, IT and HR issues, to ensure everything is covered.

Last modified on Monday, 21 March 2016 09:19