Although it was originally thought that sup
port for this level of fine would not be found in Parliament, it became law on 6th April 2010.
If your business has committed a serious data protection breach,
then the Information Commissioner has the power to issue a monetary penalty (MPN) which must not exceed £500,000. However, before doing so, the Information Commissioner will issue a notice of intent stating the intention to impose a fine and providing a set length of time to respond. The data controller can contest the issue of the MPN and/or the proposed size of the fine. The Commissioner must consider any representations and then decide whether to proceed with the imposition of the MPN. This is less likely where the data controller can show that reasonable preventative steps were taken.
Due to the potentially serious financial and reputational consequences of a data protection breach you should consider taking specialist legal advice if either:
- you discover that a breach has taken place; or
- your business receives a notice of intent.
If you would like to receive a more detailed briefing or have any questions that you would like me to answer then please contact me.
Posts
