There are lessons to be learned from the first fines handed out by the Information Commissioner's Office (ICO) for data breaches, ComputerWeekly reports, highlighting the ICO's recent fines of £100,000 for the Hertfordshire County Council and £60,000 on employment services firm A4e. A primary lesson here is that the ICO will punish "business-as-usual" failures, such as misdirected faxes and unencrypted devices, explains Stewart Room of Field Fisher Waterhouse. "This tells us the ICO considers encryption as a mandatory privacy-enhancing technology," he said, adding, "Punishment despite good behavior also demonstrates the ICO's policy of zero-tolerance for such low-level failings."
Full Story


If you want to comment on this post, you need to login.