TechWeekEurope reports on a tactic some organizations have considered using in order to avoid data breach fines. The Information Commissioner’s Office (ICO) has promised not to fine companies for data breaches if the breach is discovered during a voluntary audit. As such, some organizations have considered asking the ICO for an audit after a breach has already been discovered internally, the report states. This sometimes requires organizations to delete a data trail ahead of the audit. “If we discover duplicity, that there was a breach that you knew about and didn’t report, then you’re in deep trouble,” said Information Commissioner Christopher Graham. “There are no games to be played.”
If you want to comment on this post, you need to login.