Keep your data protection policies under review or face fines up to £500,000, says Carolyn Fink, associate at Penningtons Solicitors

Social landlords beware: UK data protection regulator the Information Commissioner’s Office was granted new powers on 6 April to order organisations to pay hefty financial penalties for breach of the Data Protection Act 1998. The ICO may now fine companies and other organisations up to £500,000 for serious data protection breaches by issuing a ‘monetary penalty notice’.

In statutory guidance published by the ICO, it has advised that fines will only be imposed for serious and reckless breaches of the DPA and where the organisation has failed to take reasonable steps to prevent the breach. Serious breaches are those ‘of a kind likely to cause substantial damage or substantial distress’. In determining the amount of a fine, the ICO will take into account the sector, the size, financial and other resources of a data controller (that is a person or organisation who determines how personal data should be processed).

The full article is available at Insidehousing.co.uk