The ICO has published a review of the impact of its civil monetary penalties (CMPs), the vast majority of which have related to security breaches. The review canvassed the views of representatives from 14 organisations who had received a CMP and 85 peer organisations who had not. The findings suggest that overall CMPs are effective at improving data protection compliance. However some respondents felt that there was a lack of transparency about how CMPs have been calculated and some showed a lack of understanding of just what poor practices trigger the CMP threshold.
Although the UK's Information Commissioner handed out monetary penalties for serious breaches of the Data Protection Act for the first time this week, a new survey has suggested that UK consumers support even tougher sanctions for organisations that are guilty of losing personal data. In a poll of 5000 consumers, conducted for LogRhythm by OnePoll, 62 percent of consumers felt that organisations should receive large fines for data loss with 31 percent going as far as to suggest company directors should be subject to criminal proceedings. Further information about the survey and its findings can be found at the following URL: http://www.logrhythm.com/Company/PressReleases/UKsupportscompulsorydatalossdisclosure.aspx