Information Commissioner could impose penalties on companies that fail to protect their data Information Commissioner could impose penalties on companies that fail to protect their data - RSS feed from Security Park
(16/07/2009)

ISACA (formerly the Information Systems Audit and Control Association) applauds plans to significantly increase the powers of the Information Commissioner's Office (ICO) later this year.

"Last July, in his outgoing report, Information Commissioner Richard Thomas criticised the EU data protection directive - which underpins the UKs Data Protection Act - for effectively showing its age," said Vernon Poole, CISM, Member of ISACA’s Information Security Management Committee and Head of Business Consultancy for Sapphire

"Reports now suggest that the UK Government will enhance the powers of the ICO, allowing it to raise penalties against data controllers, under Section 55A of the Data Protection Act," he added.

According to Vernon Poole, under Section 55A of the Act - which the Ministry of Justice has reportedly set an internal target for implementation on for later this year - the Information Commissioner will be able to impose penalties on companies that fail to protect their data, when that data is subsequently lost.

Current Government practice, he says, is to provide statutory guidance at least 12 weeks before the legislation comes into force. The original game plan, he explained, was for the penalties to be published in March of this year, ready for Section 55A of the Act to become law. These dates have now passed, he says, but if the internal target is to pass the legislation amendment before the Parliamentary summer recess, then Section 55A could become law by the late Autumn of this year.

"This is good news as, at that stage, we will coming up on the second anniversary of the infamous loss of 15,000 pension customer details on a CD-ROM mailed between HMRC's offices in Newcastle and Edinburgh," he said.

"That incident became the milestone which started off a chain of reports of data losses in the public and private sector in the UK and effectively triggered the amendments to the DPA we now know as Section 55A," he added.

Related topics:  Data management and data security   Legislation 


print versionPrint version | email this to a friendEmail to a friend | related articlesRelated articles


Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.


Other Security news and resources


Security News Suppliers Directory Jobs forum Classifieds Knowledge base White papers Research library Security books Special reports Security interviews Security companies Security events Security links Security market

Product channels

Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Other Security Products

IT Security white papers and research library

Access Control  Authentication  Data Management  Data Security  Digital Signatures  Email Security  Identity Management  Internet Security  Intrusion Prevention  Network Security  Remote access security  Security Management  Security Policies  Security Software  Security Threats  Virus Detection Software  Virus Protection  VPN  Vulnerability Assessment  Wireless Security 

Security books, guides, standards and toolkits

RFID and Smart Cards books, guides and reference documents  Biometric books, guides and reference documents  CCTV books, guides and reference documents  Intruder alarms and intrusion detection systems books, guides and reference documents  Monitoring and surveillance books, guides and reference documents  IT Governance, ISO 27001 ISO 17799 and BS 7799 toolkits  Fire, Health & Safety books, guides and reference documents

Security Resources
Directory GET LISTED! Jobs forum Classifieds Knowledge base White papers Research library Security books Special reports Security companies Security events Security links Security market Company news

Security Products
Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Security products

Security Markets
Bank and financial services security Corporate and enterprise security Education and school security Entertainment and events security Homeland and Government security Hospital and healthcare security Infrastructure and utilities security Manufacturing and industrial security Public sector security Residential and home security Retail security Small business security Sports and recreational security Transport and logistics security


Ensure that you conduct an effective information security risk assessment that is in line with ISO 27001 by purchasing vsRisk™ Risk Assessment Tool

Need a
Security reference book?
Find it on Amazon
Security books







advertise
sumbit an article
copyright
terms & conditions
privacy policy


CMS and Web design by www.Areza.com

Article search

Directory search


add your company
Google

ISO 18028 (Network Security Management)
Home | About | Contact | Submit article | Advertise | Newsletter | RSS | Search