And gov't spot checks on the cards
By Nick Heath
Published: 3 July 2008 15:22 BST
The UK's privacy watchdog says the country is a step closer to getting a law forcing organisations to reveal data breaches, thanks to draft EU legislation.
Deputy information commissioner David Smith said proposals to revise the EU's ePrivacy Directive could be the "catalyst" needed to get data breach notification into UK law.
Amendments to the directive would require "providers of electronic services to inform users of breaches of data protection" and will be voted on by the EU later this year.
Smith said: "There is increasing pressure to bring in a law for data breach notification.
"It looks as if breach notification may come out of the review of the ePrivacy Directive, it could be a catalyst for a law to cover all types of communications."
But he cautioned against notification on every data breach, saying it was important the Information Commissioner's Office (ICO) did not become swamped with "minor incidents".
A rethink of UK data protection laws is something that silicon.com has been calling for over the last year as part of its Full Disclosure campaign.
Smith also told silicon.com the ICO was about to be given the power to carry out data security spot checks on central government.
But he warned the ICO appeared to be more than "months away" from being able to carry out unannounced inspections on the private sector, despite such audits being commonplace in the rest of Europe.
Smith added that it was important for government departments to put in interim measures to guard against data breaches, such as carrying around the minimum amount of information, while carrying out the lengthy process of encrypting all personal data.
The Department of Health recently revealed that many trusts were unlikely to complete encryption of personal data for several months.
Last month the ICO disclosed it has had 138 reports of data breaches since last November - but Smith added he thought the scale of private sector breaches was far greater than reported.
Smith told a Westminster eForum meeting on information security: "What has changed today is the scale of the information being handled and the ease with which it can be lost."
Copyright ©1995-2008 CNET Networks, Inc. All rights reserved.