Data Breach Fine Values ‘Double In A Year’
If ever there was a time to for companies to prioritise confidential waste destruction, it seems that now is it – new research has just revealed that the value of the average data breach fine here in the UK has doubled in just a single year.
Analysis by City law firm RPC has found that in the year to 30th September 2018 the total value of fines handed down by the Information Commissioner’s Office peaked at just below £5 million, a hike of 24 per cent compared to the end of last year, City AM reports.
Ask yourself – would you be able to keep your head above water if you were hit with a fine of £146,000 for a breach, which is the average value of fines these days? It’s possible that your business would suffer so much that you’d have to shut up shop.
That’s why it’s so very important, now more than ever, to make sure you’re doing all you’re legally obliged to do to keep personal and sensitive information out of the hands of fraudsters.
Yes, you need to ensure that you have robust systems in place where your computer network is concerned, of course, but you also need to make sure that any and all paperwork in the office is disposed of in the appropriate way to ensure compliance with GDPR.
Partner at RPC Richard Breavington was quoted by the news source as saying: “A doubling in the average size of a fine should serve as a wakeup call to businesses. However, political pressure is mounting.”
So far this year, there have been numerous high-profile instances of brands being hit with the maximum fine of £500,000 for major data breaches. Equifax, the credit reporting agency, was one – where 15 million’s personal details were stolen in a 2017 cyber attack.
And let’s not forget that Facebook has only just been hit with the maximum fine for serious breaches of data protection law. It was found that between 2007 and 2014, the social media network unfairly processed personal information by allowing app developers access to it without clear and informed consent. Access was allowed even if users hadn’t downloaded the app but were just friends with someone who had.
Not only that but after this misuse of data was revealed, Facebook then failed to ensure those who had the information had taken the appropriate remedial action, including deletion of said data.
The information commissioner, Elizabeth Denham, said: “A company of [Facebook’s] size and expertise should have known better and it should have done better.”
It’s essential for all businesses, no matter their size, to ensure they’ve taken the appropriate steps at work to protect employee and customer information. If you’d like to find out more about how a professional shredding service can help in this regard, get in touch with the Avena team today.