A breach involving your organisation’s personal data can have a significant effect on data subjects, your staff and your organisation (both financially, through fines from the ICO, and reputationally). The latest research from IBM suggests that the average cost of a data breach to a UK business is £2.9 million, taking into account both the immediate actions to deal with the breach and its longer-term effects, such as loss of business.
As the ICO closes its consultation on its new Accountability Framework this week, there has never been a better time to consider how you can demonstrate data protection accountability in your organisation. The EU General Data Protection Regulation makes it quite clear that it’s not enough just to adhere to the key principles for processing personal data; you also need to be able to show how you are meeting these principles.
But what does that mean in practice? Well, the ICO provides a list of areas where it feels organisations should be demonstrating accountability.
The ICO is currently actively contacting organisations that it believes are processing personal data but are not already registered on the ICO's register of fee payers. Every organisation or sole trader who processes personal information must pay a data protection fee to the ICO unless they are exempt. The potential consequence of not paying this fee or paying the wrong fee is a fine of up to £4,350.
The Northern Information Governance Forum (NIGF) will be welcoming Information Governance and IT professionals to its second event at Wigan Town Hall. This event, which has a particular focus on accountability, will be held on the 30th January.
It will host speakers from leading organisations, including the Data Protection Officer from the Newcastle Building Society, sharing his experience of implementing the GDPR’s accountability principle, and the Information Governance Manager from Wigan Council, speaking about making the best use of social media and the internet. There will also be a series of breakout sessions to allow more in-depth discussion of different areas of accountability, including: