Tim Creighton, Director
The Information Commissioner’s Office (ICO) can fine any organisation up to £500,000 for serious breaches of the Data Protection Act 1998. A data breach involves a failure to comply with the Data Protection Act. It is an incident in which sensitive or confidential data is stolen or viewed by an individual unauthorised to do so.
As charities often hold large amounts of data they are liable to be fined for data protection breaches just like any other organisation. Charities suffered 53 data breaches from October 2014 – March 2015, this is more than double the amount in the same period the previous year, according to figures published by the Information Commissioner’s Office. Charities are now the fourth most likely category of organisation to fail to properly protect others’ data, according to quarterly ICO figures, below health services, local government and education services.
Do you know what your duties under the Data Protection Act are? What are you doing with personal data and why? Does your organisation know what personal data they hold and where they hold it? Has your organisation taken appropriate steps to ensure the security of all personal data held? Does your organisation have a data protection policy? Are your staff properly trained in data protection and do they use a privacy impact assessment before starting any new assessment?
For answers to any of these questions or for more information about any of our charities law solutions please give Tim Creighton a call on +44 (0) 28 9077 4500 (there is no charge for initial telephone discussions).
0+