ICO Draft Code Says New Powers Will Not Result in Automatic Fines
DATA PROTECTION—UKFebruary 16, 2010
The Information Commissioner's Office (ICO) has announced that while it does not plan to use its new power to levy fines for data protection law breaches if the incidents are discovered during one of its audits, organisations could face fines of up to £500,000 if breaches are not resolved in a timely manner, OUT-LAW.COM reports. "My audit team is developing a risk-based approach to help us focus on those organisations...where complaints are significant and where business intelligence highlights the risk of failure," says Information Commissioner Christopher Graham, explaining that in some cases, audits will be compulsory rather than voluntary. The ICO is currently accepting input on its draft Code of Practice.