EOL IT Services has now merged with tier1 Asset Management Ltd

Data Protection Breaches Can Cost Your Business Millions

Dec 17, 2014 | IT Security

A recent survey has revealed that, as a result of breaching the Data Protection Act (DPA), some British businesses had to pay penalty charges of £2.17 million between January 2013 and October 2014. This is despite the fact that compliance with these rules is mandatory for companies. In fact, the Information Commissioner's Office (ICO) issued over 60 infringement notices during this 21-month period.

It is worrying that the vast majority of the data breaches, a huge 94%, involved a failure to comply with the DPA’s 7th principle.

According to IT firm IT Governance, one of the most common reasons these notices were issued was poor information security. Other breaches included the simple mistake of sending a fax to the wrong person. However, it is noteworthy that many offences were more serious and damaging than these.

On average, each incident of an online data breach or cyber attack cost companies over £52,000; penalty fees were more severely enforced in these situations. Other data protection breaches, such as losing a file or device, would have cost companies around £35,000.

These recent findings suggest that there is a lack of care taken with regard to data protection and information security. The high number of breaches also shows that more diligence is required in monitoring companies’ data processing systems, both to ensure that all processing is authorised and lawful and to prevent data from being misplaced, damaged and lost by companies.

However, because cyber criminals are becoming more and more sophisticated, it is incredibly difficult for businesses to ensure total protection of their data, as they can’t completely secure all access points into the company.

Alan Calder, founder and executive chairman of IT Governance, says that “With the proposed EU Data Protection Regulation expected to come into force next year, and the continued proliferation of data breaches, companies cannot afford to be complacent about data protection and information security.”

He recommends that they turn to ISO 27001 to address not only the strategic but also the operational aspects of the security of their information, and that they should always comply with all principles of the DPA, not just principle 7.

If you would like to find out more about your obligations as a business under the Data Protection Act then give us a call today on 0845 600 4696 or fill in our enquiry form and we will get in touch.
