European Data Protection Digest

ICO Issues Fines, But Are They Enough?

DATA LOSS—UK

December 2, 2011

The Information Commissioner's Office (ICO) has fined two councils after both experienced data breaches involving e-mail, Computerworld UK reports. The ICO fined Worcestershire County Council £80,000 for a March incident in which it sent e-mails containing sensitive information on a "large number of vulnerable individuals to 23 people on the wrong contact list," the report states. North Somerset Council has been fined £60,000 for sending sensitive data on a child to the wrong NHS employee. Meanwhile, a Public Service.co.uk editorial asks when the ICO will see a significant increase in power, since, "Currently, the ICO's maximum fine is £500,000 and it seems that it still has to hold back on the biggest penalty" until a major breach comes along.
Full Story