The Upper Tribunal of the UK Information Rights Tribunal has ruled in the case of Central London Community Healthcare Trust v Information Commissioner “that organisations which voluntarily report incidents of data security breaches to the ICO do not gain automatic immunity from penalty fines in relation to that breach,” Mondaq reports. The tribunal rejected the trust’s appeal that the ICO’s fine of 90,000 GBP in 2012 was wrong “on the grounds that it had self-reported the breach notifying the ICO.” Meanwhile, a separate report from TechWeekEurope, quotes comments from Field Fisher Waterhouse’s Stewart Room, CIPP/E, that “When it comes to looking at regulatory pain, financial penalties, business needs to rebalance the focus away from general compliance issues, towards the security and confidentiality arenas.”
Full Story
Comments
If you want to comment on this post, you need to login.