New Software Helps SMEs Avoid Data Protection Fines

Share Article

Small to medium firms (SMEs) now risk severe financial penalties if they fail to get fully compliant with the UK's Data Protection Act (DPA). Compliance experts IT Governance have therefore launched an inexpensive downloadable DPA Compliance Assessment Tool, which greatly simplifies and speeds up the task.

Small to medium firms (SMEs) now risk severe financial penalties if they fail to get fully compliant with the Data Protection Act (DPA), as tolerance by authorities and customers for data carelessness is rapidly vanishing. To help them meet these challenges, compliance experts IT Governance have launched an inexpensive downloadable 'DPA Compliance Assessment Tool' (http://www.itgovernance.co.uk/products/1791), to greatly simplify and speed up the task.

Secure management of personal digital information is becoming a key challenge for growing organisations, generated by a much tougher regulatory regime. This includes the levelling of substantial fines on firms by the Financial Services Authority, such as the £980,000 penalty levied on Nationwide Building Society and a £1.26 million hit suffered by Norwich Union - both slammed by the regulator for failing to adequately protect customers' personal data - as well as tighter strictures on information security coming with the new Criminal Justice and Immigration Act.

IT Governance's 'DPA Compliance Assessment Tool' (http://www.itgovernance.co.uk/products/1791) provides an easy-to-use way to assess an organisation's current level of compliance with the Act, and draws on suggested pathways from the UK Information Commissioner's Office. The Tool contains a series of key questions with associated recommendations to enable managers to identify steps needed to deal with a specific issue or with a broad range of mitigation actions.

The software was developed by IT Governance's experienced compliance experts, and offers an effective means of getting organisations started on ensuring DPA compliance. For those organisations looking for further assistance, IT Governance is also shortly to launch a DPA Compliance Toolkit, which will contain all the documentation required to implement an effective compliance programme.

The need for effective organisation-wide DPA compliance was revealed in IT Governance's recent report 'Data Breaches: Trends, Costs and Best Practices' (http://www.itgovernance.co.uk/products/1615). Its February 2008 survey of 130 technology and compliance professionals uncovered a clear gulf between awareness of DPA issues at senior management level and that of employees actually handling personal data. Eighty-two percent of organisations had introduced policies and procedures for protecting personal data, and over 80 percent had appointed a data controller or someone responsible for maintaining privacy - but only 55 percent of employees handling personal data had actually received training on their legal responsibilities in respect of this information.

Alan Calder, Chief Executive of IT Governance, commented,

"Company leaders have for too long been putting their heads in the sand when it comes to the importance of protecting personal data. This laxity has contributed to the current backlash against poor data protection regimes. We strongly urge any manager unsure if their company really is protected against an unwelcome visit from the Information Commissioner to ensure they are DPA compliant - this software tool is an ideal starting point to understand their organisation's particular needs."

"Changes in public tolerance for weak data security can only mean small to mid-sized companies risk horrendous financial penalties if they don't address their information compliance needs - and urgently."

The DPA Compliance Toolkit is priced at £29.95 and can be downloaded from http://www.itgovernance.co.uk/products/1791.

Ends

NOTES TO EDITORS
IT Governance Ltd is the one-stop shop for books, tools, training and consultancy for Governance, Risk Management and Compliance. It is a leading authority on data security and IT governance for business and the public sector. IT Governance is 'non-geek', approaching IT issues from a non-technology background and talking to management in its own language. Its customer base spans Europe, the Americas, the Middle East and Asia. More information is available at http://www.itgovernance.co.uk.

# # #

Share article on social media or email:

View article via:

Pdf Print

Contact Author

MARC CORNELIUS
Visit website