[Dataloss] Mandatory data breach notification on the horizon, says ICO

From: Jake Kouns (jkounsopensecurityfoundation.org)
Date: Mon May 03 2010 - 21:02:04 CDT


The Information Commissioner's Office (ICO) plans to use its new powers
to enforce data protection in the UK, says David Smith, deputy
information commissioner.

The ICO is no longer a toothless watchdog and will be making it
tougher for the minority of organisations that still do not toe the
line on data protection, he told the opening session of Infosecurity
Europe 2010 in London.

Despite all the attention on the importance of data protection in the
wake of high-profile data breaches by HMRC, the Home Office and the
MoD, organisations are still losing personal information stored on
unencrypted computers and data storage devices, he said.

In the short term, Smith said the new powers to impose fines of up to
£500,000 for serious breaches of personal information will undoubtedly
help focus organisations on getting data protection right.

The negative publicity associated with the fines will also help make
organisations take data protection more seriously, he said.

There are also a number of changes on the horizon to enable tougher
action such as mandatory breach notification legislation.

Although voluntary at present, within 18 months the UK will have to
introduce breach notification legislation for the telecoms sector in
terms of a European directive, and it is likely there will be a more
general law before too long, he said.
Dataloss Mailing List (datalossdatalossdb.org)
Archived at http://seclists.org/dataloss/
