The report shows that 11 out of 16 private-sector firms audited were judged to have a ‘high level of assurance’ that they were handling customers’ data correctly and safely.
However, only one health-service organisation out of 15, one local-government organisation out of 19, and two central-government departments out of 11 were found to have achieved this standard.
ICO ‘head of good practice’ Louise Byers said: “The private sector organisations we have audited so far should be commended for their positive approach to looking after people’s data.”
Byers remarked that the NHS and central government departments that were audited “generally have good information governance and training practices in place [but] need to do more to keep people’s data secure.”
“Local government authorities also need to improve how they record where personal information is held and who has access to it.”
The report is a reminder of just how crucial data protection is for your business. Non-compliance can have serious consequences for your business reputation and your relationship with your clients, leaving holes in sales and turnover; failing to protect your data properly can also land you in hot water legally.
The ICO has the power to issue fines of up to £500,000 and even prison sentences for the most serious cases of unprotected data. In 2011 the ICO issued £541,000 in fines to seven organisations, at an average fine of £77,285.
Don’t get caught out: the ICO regulations are a simple set of guidelines to follow to ensure that your data and your business are protected.