21 Bloomsbury Way
London
WC1A 2TH
020 7242 2273
News Release
26 January 2010
|
Local authorities in the UK could be hit by hefty fines of up to £500,000 from April this year if they fail to comply with the Data Protection Act, warns Jackie Gray, a Data Protection specialist with national law firm Dickinson Dees. Following a consultation exercise in December, new regulations have been published by the Government this month and Ms Gray urges local authorities to reassess compliance risks before the new fines come into force. Ms Gray comments: “Local authorities cannot afford to be complacent about data protection. Since the child benefit data loss by HMRC in 2007, there has been a significant increase in data security incidents leading to enforcement action by the Information Commissioner. To date this has been limited to organisations having to take steps to improve their processes and procedures, most recently in the case of Lancashire County Council and Shropshire Council. However in future, the Information Commissioner could impose significant financial penalties for serious data protection breaches which would be a serious drain on already-stretched financial resources. Data protection should be a serious ongoing concern for the public sector, and local authorities should re-assess their level of compliance and review policies and procedures now, or risk potentially significant financial consequences in addition to reputational damage if data breaches occur.” Ms Gray outlines five specific areas which, in her experience, can easily expose local authorities to data protection breaches: • Responsibility – data protection can often fall between the responsibilities of different functions. Ensure someone at senior management level is accountable for data protection compliance across the authority. • Policies & Procedures – these can easily become out of date and their significance and content forgotten. Review policies and procedures and bring them up to date, concentrating particularly on data sharing arrangements, data security and home working. • Training – staff need to know how important data protection is and to treat it as a priority in its own right. Training programmes need to be in place to ensure all staff receive basic awareness training, refresher training and targeted training for those working in high risk areas such as social services, education and HR. • Physical & technical security – ensure computers and laptops are physically secure and that personal information is stored on the network. Where it has to be downloaded, ensure data is protected by using only encrypted PCs, laptops and memory sticks. • Data processing – ensure written contracts are in place where personal data is processed by third parties and review existing arrangements to ensure that data processors have adequate data security measures in place to protect your data.
About Dickinson Dees - Dickinson Dees is one of the UK’s leading full-service law firms. With offices in the North East, Yorkshire and London, and nearly 700 staff, the firm provides legal services to public sector, corporate, commercial and private clients across the UK. These include several London Boroughs, Foundation Trusts and PCTs, Further and Higher Education institutions and a number of other governmental bodies. Dickinson Dees’ experience and knowledge of public services has established the firm as a national leader for public law and governance and, in particular, procurement, PFI/PPP and projects. The team has advised on schemes in a wide range of sectors, including housing, waste, libraries, fire stations, police facilities, schools, hospitals, ambulance stations, leisure centres, Academies, Building Schools for the Future and NHS LIFT.
About Kelso - Kelso Consulting supports ambitious businesses of all sizes that want to be recognised as leaders in their markets. Kelso's PR and thought leadership campaigns ensure businesses, whatever their size, get prominent coverage in the quality national newspapers and other highly influential business media.
For more information please contact: Kelso Consulting (PR Advisers to Dickinson Dees) Phone: 020 7242 2273
Download PDF
Back to Client News
|