ISACA applauds plan to boost Information Commissioner’s Office powers
by ISACA
ISACA (formerly the Information Systems Audit and Control Association), a not for-profit organisation that seeks to encourage best practice in the ITsecurity industry, has given the `thumbs up’ to plans to significantly increase the powers of the Information Commissioner’s Office (ICO) later this year.
“Last July, in his outgoing report, Information Commissioner Richard Thomas criticised the EU data protection directive – which underpins the UK Data Protection Act – for effectively showing its age,” said Vernon Poole, CISM, Member of ISACA’s Information Security Management Committee and Head of Business Consultancy for Sapphire.
“Reports now suggest that the UK Government will enhance the powers of the ICO, allowing it to raise penalties against data controllers, under Section 55A of the Data Protection Act,” he added.
According to Vernon Poole, under Section 55A of the Act – which the Ministry of Justice has reportedly set an internal target for implementation on for later this year – the Information Commissioner will be able to impose penalties on companies that fail to protect their data, when that data is subsequently lost.
Current Government practice, he says, is to provide statutory guidance at least 12 weeks before the legislation comes into force.
The original game plan, he explained, was for the penalties to be published in March of this year, ready for Section 55A of the Act to become law this month.
These dates have now passed, he says, but if the internal target is to pass the legislation amendment before the Parliamentary summer recess, then Section 55A could become law by the late Autumn of this year.
“This is good news as, at that stage, we will be coming up on the second anniversary of the infamous loss of 15,000 pension customer details on a CD-ROM mailed between HMRC’s offices in Newcastle and Edinburgh,” he said.
“That incident became the milestone which started off a chain of reports of data losses in the public and private sector in the UK and effectively triggered the amendments to the DPA we now know as Section 55A,” he added.
Click here to discuss this: Security Forums
Related posts to "ISACA applauds plan to boost Information Commissioner’s Office powers":
- Encryption Order on M&S Laptops
- ISAF Applauds EU Adoption of New Cybercrime Agenda
- ISACA Updates 10 IT Audit Programs
- ISACA Praises Australia’s Change Your Password’ Day
- Digital Britain plan leaves Infosecurity Adviser bemused
Speak Your Mind
Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!
Previous: « Digital Britain plan leaves Infosecurity Adviser bemused
Next: Soft release for Morro »
Visited 561 times, 1 so far today