Almost 90 per cent of businesses have suffered some form of data loss in the past year.

A survey of 1,987 European businesses by CA Technologies found that respondents had struggled to deal with IT systems failure, attacks and human error. A total of 88 per cent of respondents suffered application and data loss incidents in the past year, while 63 per cent had experienced an IT systems failure, such as a network, storage or software failure.

In the survey, 94 per cent said their data protection budgets either stagnated or grew in the past year, and more than a third (35 per cent) were increasing their investment in this area. Forty-one per cent of organisations expected cloud computing to play an increasingly important role in their business continuity plans over the next year.

Chris Ross, vice president EMEA and Asia-Pacific at CA Technologies' data management customer services unit, said: “While spending on data protection is increasing, the survey shows that policies are failing, so investments need to be smarter.

“Data loss can be caused by a number of factors and organisations should work out the likelihood of each occurring and plan accordingly. This is an important area of the business to focus on as the loss of data can be very disruptive, not to mention costly.”

The news follows an announcement by the Information Commissioner's Office (ICO) that it wants harsher punishments for those convicted of abusing personal data.

Information Commissioner Christopher Graham called for custodial sentences after former Barclays cashier Sarah Langridge pleaded guilty to illegally accessing the account details of a customer, against whom her husband had been jailed for a sex attack.

She was fined £800, made to pay £400 costs and a £15 victims' surcharge in a hearing at Brighton Magistrates Court.

Graham said: “The details of this case are truly shocking. The victim had a harrowing enough experience at the hands of her attacker; the revelation that her attacker's wife was then rooting through all her personal details, for whatever purpose, would have caused even further distress.

“I note the outcome of this latest case and I remain concerned that the courts are not able to impose the punishment to fit the crime in all cases, because the current penalty for this all-too-common offence is limited to a fine rather than the full range of possible sentences, including prison for the most serious cases.”

Chris McIntosh, CEO of ViaSat UK, said: “Data protection should no longer be a mystery to organisations or individuals: information can be encrypted, employees can be educated and individuals should be well aware of when their actions cross the line between acceptable and borderline or outright criminality.

“However, it's clear from this and a myriad of other cases that the message simply isn't getting through: whether large organisations or single workers, it seems that the threat of fines and other recriminations still doesn't dissuade these actions. Data protection organisations such as the ICO need both carrots and sticks to ensure that information is protected, together with both the courage and the confidence to use them.”