The Information Commissioner's Office (ICO) has issued 68 warning notices for data security lapses in the first half of this year, up by 22 from this point last year.
According to a study by Syscap, the ICO has issued 15 fines worth £1.8 million in the last 12 months, compared with just six fines worth £431,000 at this point last year. It also found that while the majority of fines have been against public bodies, the ICO is also increasingly taking action against private organisations that lose data.
Syscap chief executive Philip White said: “Small businesses are increasingly falling foul of the ICO. It's clear that the ICO is starting to take a much more proactive stance in penalising data lapses, so this is something that business owners need to take very seriously.
“Businesses need to make sure that the correct safeguards are in place in order to secure their data, or they could be at risk of hefty fines in the near future.”
Jonathan Armstrong, lawyer at Duane Morris LLP, told SC Magazine that changes in the enforcement team at the ICO could have been a cause of this rise, but there has also been an increased level of activity.
He said: “The ICO does a great job and where it is doing very well is on the data losses that we care more about. It is right that they up their game and the real enforcement is where the pattern has been sloppy.
“The legislation has been the same since 1984 in terms of the management of data, this should be no surprise to any information governance manager. This is about waking up and smelling the coffee.”
John Thielens, chief security officer at Axway, said: “The ICO has finally started to step up to the mark and shown its teeth. After all, what's the point of being given the power to make a difference for the better if you're not going to use it?
“More than ever, organisations need to keep their data protection policies in check in order to avoid fines and the associated negative publicity. There's no reason why this can't be done in a way that minimises the risks of data loss or theft. Organisations must ensure they have complete visibility over their data and make certain that it is protected, wherever it is.”
Chas Moloney, director of Ricoh UK, said: “These figures underline the huge challenges facing UK businesses when it comes to managing confidential information securely. Already this year we have seen numerous examples of high profile document leakage in both physical and digital formats, causing huge security headaches for individuals and businesses.”
Mark Dunleavy, managing director at Informatica, said: “With more warnings and fines issued for data security lapses than ever before, the writing is on the wall for businesses that are failing to keep their data under lock and key.
“By getting to the root of the problem, organisations can maintain rich views of their customers, while armouring themselves against unauthorised individuals looking to profit illicitly from their customer's valuable data."