The serious and costly problem facing public sector organisations
Compliance with data protection law is a serious issue. Non-compliance could potentially cost a public body or local authority hundreds of thousands of pounds if that organisation should face legal proceedings for breach of data protection laws. The Information Commissioner’s Office (ICO) – the public body responsible for ensuring compliance – has the power to impose substantial fines where it finds breaches of the legislation.
There have been many reported cases of the ICO imposing substantial financial penalties on local authorities across the UK for breaching the Data Protection Act 1998. Currently, the ICO has the power to impose fines of up to £500,000.00 for a breach.
All public bodies potentially face huge fines and payouts ordered by the courts where complaints and claims are successfully brought against them. In an age of computer and internet based databases and the ever increasing use of cloud computing and social media platforms, no one is immune from the potential repercussions of a data protection breach. The financial consequences to an organisation could be much greater than you think. You cannot afford to ignore the risks.
Examples of financial penalties imposed upon public bodies
A £185,000.00 imposed upon an NHS Trust in England for inadvertently publishing the private details of 6,574 members of staff, including their National Insurance number, date of birth, religious belief and sexual orientation.
A £180,000.00 penalty imposed upon a government department following serious failings in the handling of people’s information.
A £200,000.00 fine imposed upon a public body after laptops containing sensitive personal data were stolen from private premises.
We can help you
If you find yourself facing a complaint, court proceedings or an ICO investigation for breach of data protection or if you are simply keen to ensure that your organisation has adequate procedures in place to minimise the risk of a breach occurring, then we can help.
Health check - data protection compliance advice, audit services and staff training
If you are not presently facing any complaints or legal claims but you are concerned about your organisation’s compliance with data protection laws, whether your policies and procedures are adequate, whether your staff have adequate training and whether your organisation may be vulnerable, then we can help by reviewing your process and procedures. We can then advise you regarding the areas where you are vulnerable and explain what you should do to minimise the risk. We can also offer bespoke training to your staff to ensure that they are adequately trained to avoid data protection breaches and reduce the risks to your organisation.
Subject Access Requests (SAR) and Freedom of Information Act (FOI) requests
If you have received a Subject Access Request (SAR) or a Freedom of Information Act (FOI) request and you are unsure about how to deal with it, then we can advise you. It is important to deal with such requests in accordance with the rules specified by the applicable legislation. Failure to do so could lead to complaints and potentially fines being imposed. This could also leave you vulnerable to compensation claims being brought against your organisation in the courts.
Assistance with complaints and ICO investigations
If a customer or client has made a complaint against your organisation about a breach of data protection, then we can help. We can advise you fully about how to deal with a complaint. We can advise you regarding the individual circumstances of the complaint and deal with the matter on your behalf. It is important to respond to complaints adequately and promptly. Failure to respond properly could result in further costly action being taken against your company.
If a complaint has been referred to the ICO, then we can help you with this. We can advise you fully regarding the complaint and what steps you should take. We can correspond with the ICO on your behalf.
Assistance with data protection breaches and data protection litigation
If your organisation has breached data protection or if you’re concerned that a breach may have occurred, then we can assist you. We can advise you fully regarding each individual case and assist you in taking the appropriate action. If your organisation is sued or if you have received a letter from a member of the public, or a solicitor acting on their behalf, informing you that they intend to sue your organisation for an alleged breach of data protection, then we can assist. We can advise you fully regarding the claim, how you might be able to defend against it and what you should do in response. We can write to complainants and their solicitors on your behalf and represent you at all stages in the case including any court proceedings and hearings.
Other areas where we can assist you:
- Assistance with inter-departmental transfer and exchange of personal data between public bodies
- Data protection issues relating to internal investigations
- Protocol Advice
- Managing risks & privacy/security standards
- Email policies
- Internal investigations
Reasons to find out more:
- Your organisation and its employees will benefit
- It will save you time and worry if things go wrong
- It will give you clear direction and control of risks
- You’ll be able to budget easily, no hidden costs
If you would like assistance in relation to data protection law contact our specialist team now on 0175 321 5096.