Three local councils were found in breach of the Data Protection Act in July after they placed children's sensitive data at risk. None were fined, however.
The Ministry of Justice (MoJ) announced a Call for Evidence to garner opinion on whether data protection laws were strong enough and if the ICO had enough power.
Indeed, a Sophos survey indicated many believed data protection laws in the UK were inadequate and needed changing.
In the same month, the ICO launched a new code of practice to advise companies and individuals about what they could do with personal data online.
August 2010
Zurich Insurance's UK branch was fined 2.275 million by the Financial Services Authority (FSA) following the loss of 46,000 customers' data. The fining power of the FSA made the ICO's 500,000 limit look a little weak.
Royal Wolverhampton Hospitals NHS Trust was found in breach of the Data Protection Act after leaving a CD at a bus stop. Worryingly, the CD contained scans of 112 patient records from the Intensive Care Unit of New Cross Hospital's Heart and Lung Unit. No monetary penalty was dished out.
September 2010
The NHS was at it again in September when East & North Hertfordshire NHS Trust lost an unencrypted USB stick containing sensitive data.
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
23andMe 'failed to take basic steps' to safeguard customer dataNews The ICO has strong criticism for the way the genetic testing company responded to a 2023 breach.
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuseNews The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
-
“You must do better”: Information Commissioner John Edwards calls on firms to beef up support for data breach victimsNews Companies need to treat victims with swift, practical action, according to the ICO
-
LinkedIn backtracks on AI training rules after user backlashNews UK-based LinkedIn users will now get the same protections as those elsewhere in Europe
-
UK's data protection watchdog deepens cooperation with National Crime AgencyNews The two bodies want to improve the support given to organizations experiencing cyber attacks and ransomware recovery
-
ICO slams Electoral Commission over security failuresNews The Electoral Commission has been reprimanded for poor security practices, including a failure to install security updates and weak password policies
-
Disgruntled ex-employees are using ‘weaponized’ data subject access requests to pester firmsNews Some disgruntled staff are using DSARs as a means to pressure former employers into a financial settlement
-
ICO reprimands Coventry school over repeated data protection failuresNews The ICO said the academy trust failed to follow previous guidance, which caused a serious data breach
