It’s now time to get smart and Watch Out! Why? Not least because the Information Commissioners Office (ICO) has been granted new powers fine to companies that are careless enough to lose sensitive information.
Previously, fines issued for frivolity with personal data have been as paltry as £300, but with new its new powers the ICO can now issue fines up to £500,000. Two recent cases demonstrate how they’re already starting to flex their muscles with Hertfordshire County Council fined £100,000 and A4e fined £60,000! Penalties that would give any company finance officer nightmares. But, the ICO’s powers may not be limited to just issuing massive fines, indeed they also want to be able to send offenders to jail. Serious stuff indeed.
I was particularly interested in the A4e case mentioned above; in this instance an employee “lost” a laptop containing personal details of thousands of people that had applied for legal aid. Now, we’ve all heard or read of high profile cases where government, healthcare managers or military officials have accidently left laptops on trains or had them stolen from the back seat of a parked car. However, what caught my eye in the A4e case was that the laptop in question was actually stolen from an employee’s home during a burglary.
The case against A4e centred around the fact the data on the device was not encrypted and thus presented a risk it could be used for fraudulent purposes. And, even though no evidence of fraud has thus far emerged, A4e were still handed a £60,000 fine.
In reflecting on this, it strikes me every small business has some kind of database holding sensitive information on employees, customers and clients. So, whatever your business, be it vet, lawyer, engineer, contractor, or other I’d urge you to ensure your data is protected. Virus checkers, full disk encryption, network backup file compare, secure & encrypted communications – the time to act is NOW. I’d hazard that you can no longer afford not to.