UK companies were hit with fines totalling over £3.2m last year after falling foul of data protection laws, a new report has claimed.
Analysis of figures from the ICO by PwC found that the 35 fines handed out in 2016 were almost double the previous year's total, despite repeated warnings that the new GDPR regulations are just a year away.
According to the report, 23 enforcement notices were issued last year, representing a 155 per cent jump compared to 2015.
PwC noted that the UK, along with Italy, was one of the most active regions when it comes to regulatory enforcement in Europe - although the US was quite the opposite, with roughly $250m in fines served last year.
“The ICO can currently issue fines up to £500,000, but with this set to increase to up to 4 per cent of global turnover under the new regulation, UK organisations must use the remaining time to prepare for GDPR compliance before May next year,” said Stewart Room, PwC’s global cyber security and data protection legal services leader.
“We’ve performed more than 150 GDPR readiness assessments with our clients around the world. Many struggle to know where to start with their preparations, but also how to move programmes beyond just risk reviews and data analysis to delivering real operational change. It’s impossible to ignore the impact of legal and regulatory change in this area in recent years. The GDPR has already been a force for good by bringing the issue to much wider attention. After all, who can argue against what is essentially a code for good business, where privacy by design becomes part of everyday operations?”