IT Governance Blog on IT governance, risk management, compliance and information security. » DPA

Latest DPA breach highlights the need for physical and cyber data protection

kwright — Tue, 07 Feb 2012 11:07:26 +0000

The Information Commissioner’s Office (ICO) announced on Friday that E*Trade, a global financial services company, breached the Data Protection (DPA) Act by losing over 600 customer personals details. The company discovered files of 608 customers had been lost when asked to retrieve them from a storage facility in which E*Trade were keeping them. Head of [...]

Latest DPA breach highlights the need for physical and cyber data protection is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Did you know compliance can win you new business?

kwright — Wed, 01 Feb 2012 16:30:51 +0000

Organisations should not just see compliance to such standards as the Payment Card Industry (PCI) and Data Protection Act (DPA) as ways to combat cyber crime. PCI and DPA compliance can, and should, be used as a business driver.

Did you know compliance can win you new business? is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Midlothian Council Fined £140,000 for 5 DPA Breaches

kwright — Tue, 31 Jan 2012 10:04:08 +0000

Yesterday the Information Commissioner announced that he had fined Midlothian Council £140,000 for disclosing sensitive personal information to the wrong recipient on 5 separate occasions. All 5 breaches involved children’s social service reports and occurred between January and June 2011.

Midlothian Council Fined £140,000 for 5 DPA Breaches is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

O2 suffers data leak – but do they care?

kwright — Thu, 26 Jan 2012 11:07:46 +0000

Mobile giant 02 have suffered a couple of embarrassing gaffs this week. Firstly it was revealed that they had been inadvertently been passing their customers phone numbers on to any site that they visited when using O2’s 3G network on smartphones. With almost half of O2’s customers using smartphones, the data leakage could possibly have affected up to 15 million people.

O2 suffers data leak – but do they care? is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Charity loses memory stick containing unencrypted patient data

Melanie Watson — Mon, 23 Jan 2012 11:09:47 +0000

Since losing the memory stick and coming under the wrath of the ICO for suffering a data breach, Praxis Care is now committed to improving its data protection standard.

Charity loses memory stick containing unencrypted patient data is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Bring Data Protection to Life

Melanie Watson — Mon, 16 Jan 2012 16:49:07 +0000

With engaging tutors and interesting content, our DPA Foundation Course will bring data protection to life.

Bring Data Protection to Life is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Will the ICO issue £1.8M in fines for ‘avoidable’ data breaches in 2012?

James Warren — Wed, 11 Jan 2012 15:20:15 +0000

The Information Commissioner's Office (ICO) website shows that £541,000 in fines were issued during 2011 between 7 organisations, making the average fine £77,285! This is not counting the fines issued by courts following a prosecution. This is an increase of 238% over 2010, when the power to issue monetary penalty notices were first introduced to the ICO.

Will the ICO issue £1.8M in fines for ‘avoidable’ data breaches in 2012? is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

10 biggest cyber threats of 2011

Melanie Watson — Wed, 04 Jan 2012 10:27:48 +0000

2011 saw a vast growth in the number of malware attacks on businesses and individuals. Hackers are now at a point where they can "wreak havok and access the best-kept secrets of organisations without ever leaving their living-rooms". From phishing scams, to the Sony hack, 2011 has seen the worst of all cyber attacks. Millions of people's data has been compromised around the world: hackers have made millions, whilst companies have lost millions. So, will 2012 see a repeat of last year? Or will we clamp down on cyber crime once and for all?

10 biggest cyber threats of 2011 is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Ensure you are DPA compliant for 2012 with this special offer toolkit

kwright — Wed, 14 Dec 2011 10:33:56 +0000

Data protection is a critical issue for all businesses in both the public and private sector. You need to ensure the protection and correct management of sensitive data and customers details in both the physical world and cyber space.

Ensure you are DPA compliant for 2012 with this special offer toolkit is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Leaked EU Directive: Upping Data Protection Game

Melanie Watson — Fri, 09 Dec 2011 13:05:32 +0000

There has been reports that the new EU Data Protection Directive (meant to be released Jan 2012) has been leaked. And guess what? There are at least two new changes that will shake up the EU (as if it hasn't been shaken up enough already).

Leaked EU Directive: Upping Data Protection Game is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Record £130,000 Fine For Council’s Breach of the DPA

kwright — Wed, 07 Dec 2011 17:15:56 +0000

This week the ICO has issued his largest ever fine for a breach of the Data Protection Act (DPA). Powys Council were fined £130,000 after details of a child protection case were sent to the wrong person. The recipient of the email knew the identities of the parent and child.

Record £130,000 Fine For Council’s Breach of the DPA is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Don’t give cyber criminals an early Christmas present

Melanie Watson — Thu, 01 Dec 2011 15:07:55 +0000

With Christmas approaching and work slowing down, security measures are often more relaxed. STOP and THINK. This is the perfect time for a hacker to attack your business.

Don’t give cyber criminals an early Christmas present is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Cut bank fees and avoid double fines, learn how with this combination compliance course

James Warren — Thu, 01 Dec 2011 14:24:33 +0000

Banks are charging higher fees by default to merchants that have not proved compliance with the payment card industry data security standard (PCI DSS). You could be paying much more than you need to – FACT!

Cut bank fees and avoid double fines, learn how with this combination compliance course is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Lack of DPA training costs local councils £140,000

kwright — Tue, 29 Nov 2011 11:51:19 +0000

The Information Commissioner has issued two local councils with fines after they sent highly sensitive personal information to the wrong recipients.

Lack of DPA training costs local councils £140,000 is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Ensure Your Data Is Secure With An Encrypted SafeStick

kwright — Mon, 17 Oct 2011 14:09:52 +0000

The Information Commissioner Office’s is calling for greater powers to conduct data protection audits and investigations within local government and the health sector.

Ensure Your Data Is Secure With An Encrypted SafeStick is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

DIY DPA Compliance

kwright — Thu, 06 Oct 2011 13:25:44 +0000

This week Betfair, one of the world’s largest online betting exchanges, announced a data breach in which millions of their customers contact details and credit card numbers were stolen by hackers. The incident had a huge impact on Betfair’s brand, their customer's confidence, and has resulted in the departure of their security director.

DIY DPA Compliance is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Prison Sentences For Data Breaches – Get DPA Compliant Today

kwright — Thu, 15 Sep 2011 09:19:44 +0000

This week the Information Commissioner’s Office (ICO) demanded a change in the law to introduce prison sentences for serious breaches of the Data Protection Act. With monetary fines for breaches set up to £500,000, ensuring your business is compliant with the Data Protection Act has never been more important.

Prison Sentences For Data Breaches – Get DPA Compliant Today is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

The ICO Push For Prison Sentences For DPA Breaches

kwright — Wed, 14 Sep 2011 09:35:41 +0000

Yesterday the Information Commissioner Christopher Graham told the Justice Select Committee that serious breaches of the Data Protection Act (DPA) should warrant a prison sentence. The call comes after the latest incident of an individual abusing their working position to obtain personal information.

The ICO Push For Prison Sentences For DPA Breaches is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

DPA and PCI DSS Toolkit Special Offer

kwright — Thu, 25 Aug 2011 13:21:39 +0000

As well as enforcing DPA compliance, the UK Information Commissioner is now warning online retailers to adopt the Payment Card Industry Data Security Standard (PCI DSS) or risk enforcement action!

DPA and PCI DSS Toolkit Special Offer is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

ICO Warning: Adopt PCI DSS or face enforcement action!

James Warren — Fri, 12 Aug 2011 15:15:15 +0000

As well as enforcing DPA compliance, the UK Information Commissioner is warning online retailers to adopt the Payment Card Industry Data Security Standard (PCI DSS) or risk enforcement action! These products will help you achieve full compliance:

ICO Warning: Adopt PCI DSS or face enforcement action! is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.