Increased activity from the ICO in preparation for the EU GDPR


The Information Commissioner’s Office (ICO), the authority for data protection in the UK, has increased enforcement activity compared to previous years.
So far this year, a record 79 enforcement actions have been issued, 47 of which are monetary penalties – already more than in the whole of 2016 – including the largest fine on record in relation to excessive nuisance calls.
The list of ICO enforcement actions includes a number of public and private companies, charitable organisations, local councils and individuals that failed to comply with the Data Protection Act 1998 (DPA) through incorrect use or storage of personal data.
Incidents include:
The increased activity suggests the ICO is preparing for the EU General Data Protection Regulation (GDPR), which imposes tougher requirements to improve the security of personal data for EU residents. With improved awareness of data privacy rights for the general public in recent years and the new Regulation giving individuals greater control of their information, it’s no surprise that enforcement actions are increasing against organisations where a potential breach has been reported.
The founder and executive chairman of IT Governance, Alan Calder, said: “Organisations have a responsibility to themselves and the general public to uphold the security of personal data in compliance with legislation.
“With the GDPR and Network and Information Security (NIS) Directive coming into effect, businesses should think about the necessary steps towards achieving clear organisational and technical policies to avoid the reputational and financial damage associated with data breaches.”
The ICO provides information for organisations and individuals seeking advice on data protection policy along with a platform for reporting concerns.
To help employee understanding, IT Governance offers the Security Awareness Programme, a bespoke training campaign tailored to each organisation’s needs that embeds a data security culture across the board.
To find out more about our information security training courses, products and services, visit the IT Governance website, email or call +44 (0)845 070 1750.