Upcoming changes to the law mean that keeping information secure is a subject that has to be taken more seriously than ever before.
From 6 April 2010, the Information Commissioner’s Office (“ICO”) will have a statutory power to impose a financial penalty of up to £500,000 on any organisation which has committed a deliberate or reckless breach of any of the principles in the Data Protection Act 1998 (“DPA”), which would cover failing to take appropriate data security measures, where that breach is of a kind likely to cause substantial damage and/or substantial distress.
The Government is also consulting on whether to make an order under the Criminal Justice and Immigration Act 2008 which would introduce custodial sentences of up to two years for those guilty of offences under Section 55 of the DPA. Section 55 offences are committed through the deliberate or reckless misuse of personal information, such as that where a member of staff accesses customer information and sells it or discloses it for unauthorised purposes.
These changes are a response to the ways in which technology has transformed the use of data to deliver goods and services. The data held by companies is rapidly increasing, in volume and value. The risks attached to data security breaches are becoming ever greater, with the bar set to rise dramatically in April. Vigilant implementation of an effective data security policy is therefore vital for any organisation and management who fail to act accordingly are leaving themselves potentially exposed.
We are co-hosting a free seminar on information security along with Trustmarque Solutions at the Radisson Blu Hotel in Edinburgh on 24th February. Trustmarque Solutions is one of the largest software licensing companies in the UK and an acknowledged specialist in all facets of software management. Trustmarque and Brodies have organised this seminar to raise awareness of data security issues, from both a legal and a practical perspective.
At the seminar Brodies will discuss the essential elements of an effective data security policy and Trustmarque will make you aware of technology and management processes which will help you to implement your policy successfully.
On February 16, 2010