Nowadays, every organisation faces its own compliance challenges, both legal and contractual. One common compliance issue facing all UK companies is the Data Protection Act (DPA): all organisations in the UK that handle private information are legally obliged to comply with the Act.
The statistics show that many UK organisations are still not familiar with, or don’t adhere to, the data protection law, and by breaching it, they have become subject to large fines, as well as suffering reputational damage and financial loss. Here are just a few recent examples:
In 2012 the Information Commissioner’s Office issued fines totalling £1,885,000 to nineteen local councils.
In January 2013 Sony was fined £250,000 for allowing the personal information of gamers to be compromised in their PlayStation Network Platform.
In February 2013 the Nursing and Midwifery Council was issued a £150,000 penalty for losing three DVDs of a nurse’s misconduct hearing.
“The first step to achieving compliance is to understand your obligations,” says Alan Calder, CEO of IT Governance, the leading IT governance, risk management and compliance experts.
Calder recommends the following books on data protection. They have been written to assist public and private organisations in the UK to understand what is required from them and what measures to take.
Data Protection Compliance in the UK is written by two of the UK’s leading data protection lawyers and gives clear and concise advice for organisations that need to comply with the DPA. Suitable for all staff, from junior to board level, this guide details the requirements of the DPA, offers compliance guidance and explains the dangers of non-compliance. The book is available to order online at www.itgovernance.co.uk/shop/p-515.aspx
Data Protection - A Practical Guide to UK and EU Law, now in its 3rd edition, is one of the most widely-used resources on the DPA. Using real-world examples of breaches, the guide offers practical solutions to UK and EU data protection challenges. More information on the book can be found at www.itgovernance.co.uk/shop/p-517.aspx
How to Survive a Data Breach says that you can hope for the best, but have to prepare for the worst. This book will teach readers how to respond to a data breach, handle the situation and minimise the damage. Available both as a soft cover and as an e-book, this pocket guide can be ordered from www.itgovernance.co.uk/shop/p-581.aspx