The Information Commissioner's Office (ICO) powers of enforcement in relation to serious breaches of one of the eight principles in the Data Protection Act (DPA) 1998, including data security breaches, have just been strengthened. Furthermore, the ICO can also now fine individuals (e.g. directors) as well as the organizations themselves. Previously, the ICO could only issue enforcement notices against organizations in breach of the DPA or send a case to court. A case of failure to comply with binding undertakings would be a breach of contract which could lead to action being taken. In addition, it is a criminal offence under the DPA to knowingly or recklessly obtain, disclose or procure the disclosure of personal information, or to sell (or offer to sell) it. Remember, people expect their personal information to be properly protected at all times.
Pages to are hidden for
"Information Commissioner gets new powers to fine"Please download to view full document