EOL IT Services has now merged with tier1 Asset Management Ltd

Data Protection Breaches Can Cost Your Business Millions

by | Dec 17, 2014 | IT Security

A recent survey has revealed that some British businesses had to pay penalty charges of £2.17 million between January 2013 and October 2014 as a result of breaching the Data Protection Act (DPA), even though it is mandatory for companies to comply with these rules. The Information Commissioner's Office (ICO) issued over 60 infringement notices during this 21-month period.

It is worrying that the majority of the data breaches, a huge 94%, involved a failure to comply with the DPA’s 7th principle.

According to IT firm IT Governance, one of the most common reasons these notices were issued was poor information security. Other breaches included the simple mistake of sending a fax to the wrong person. However, it is noteworthy that many offences were more serious and damaging than these.

On average, each incident of an online data breach or cyber attack cost companies over £52,000; penalty fees were more severely enforced in these situations. Other data protection breaches, such as losing a file or device, would have cost companies around £35,000.

These recent findings suggest a lack of care with regard to data protection and information security. The high number of breaches also shows that more diligence is required in monitoring companies’ data processing systems, both to ensure that all processing is authorised and lawful and to prevent data being misplaced, damaged and lost by companies.

However, because cyber criminals are becoming more and more sophisticated, it is incredibly difficult for businesses to ensure total protection of their data, as they cannot completely secure every access point into the company.

Alan Calder, founder and executive chairman of IT Governance, says that “With the proposed EU Data Protection Regulation expected to come into force next year, and the continued proliferation of data breaches, companies cannot afford to be complacent about data protection and information security.”

He recommends that companies turn to ISO27001 to address not only the strategic but also the operational aspects of the security of their information, and that they should always comply with all of the DPA’s principles, not just principle 7.

If you would like to find out more about your obligations as a business under the Data Protection Act, give us a call today on 0845 600 4696 or fill in our enquiry form and we will get in touch.
