Poor data security has been cited as a major cause of financial penalties for UK companies, new research from IT Governance has revealed.
Focusing on Data Protection Act (DPA) contraventions over the past 20 months, the organisation’s report revealed 66 enforcement notices for DPA infringements were issued by the Information Commissioner’s Office between January 2013 and October this year to UK businesses.
The fines issued as a result of these infringements totalled £2.17 million with the main reason cited for these enforcement actions being poor data security management. Overall, the average fined levied against those firms found to have broken data protection laws stood at £52,308 per incident.
Responding to the findings, founder and executive chairman of IT Governance Alan Calder stated it is certainly becoming more difficult than ever for businesses to effectively safeguard their sensitive data, given the rising complexity of IT infrastructure, coupled with the growing sophistication of cyber criminal attacks against corporate networks.
However, that is not to say businesses are powerless to prevent these incidents, as there are technologies and practices that can significantly reduce a firm’s risk of data loss.
He argued: “A holistic approach to information security is crucial – to be successful, organisations must adopt a best-practice approach to enterprise-wide information security management that encompasses people and processes, as well as technological solutions.”
Implementing strong information security and data recovery practices should therefore be a priority for business leaders looking to avoid their company falling foul of data protection laws in the UK.
“With the proposed EU Data Protection Regulation expected to come into force next year, and the continued proliferation of data breaches, companies cannot afford to be complacent about data protection and information security,” Mr Calder concluded.
It is wise to choose a data recovery company who has a track record in recovering from the type of data loss you have experienced.