Just a few days ago, news broke of the huge fine that has been issued to Heathrow airport by the Information Commissioner’s Office, following a data breach at the west London transport hub.
The ICO’s £120,000 levy is the result of a member of the public finding a USB stick that was misplaced by one of the airport’s employees. The device held 76 folders and over 1,000 files, none of which had password or encryption protection; the individual concerned was able to view the information at a local library.
If relatively small in quantity, the memory stick’s data exposed the details of ten people, with names, dates of birth and passport numbers all passing into free circulation, along with the names of up to 50 Heathrow personnel.
The ICO criticised the airports handling of private data, and emphasised that it was a “boardroom issue”.
“It is imperative that businesses have the policies, procedures and training in place to minimise any vulnerabilities of the personal information that has been entrusted to them,”, ICO Director of Investigations, Steve Eckersley added.
Following the probe, the ICO – the UK regulator for the GDPR – discovered that just two per cent of Heathrow airport’s employee cohort of 6,500 had been trained in data protection.
Heathrow’s data breach is just one more in a stream of similar stories that are hitting the headlines of recent months, revealing data security transgressions that have seen organisations named and shamed before being hit by substantial financial penalties.
These latest revelations illustrate just how easy it is for even the largest companies to fail to live up to the standards of new EU data laws which we all rely upon as consumers and businesses to safeguard the privacy that is so essential in the digital era.
Webinar in association with Iron Mountain
Executives, IT leaders and business professionals can gain a better understanding of how protect personal data by tuning into “Implications of a Data Breach & Prevention Strategies”, a webinar hosted next week in association with leading cyber security firm, Iron Mountain.
Taking place on Tuesday 16th October, the webinar will be hosted by GDPR expert, Ian West. Ian’s keynote will bring insight into noteworthy data breaches and impart advice on how organisations can mitigate such occurrences in future.
Leveraging 30 years’ experience in digital information programmes across multiple sectors, Ian has traversed multiple generations of information system development, and has been on the front line of data protection through increasingly complex market landscapes. His knowledge and passion for IT management and GDPR are renowned within the industry, and his opinions are highly respected.
The webinar will be co-hosted by Sally Hunt, Sales Director, Information Governance and Digital Solutions at Iron Mountain.
An information governance thought-leader of 18 years, Sally has devoted her career to helping organisations solve complex challenges around data and compliance. Sally has a strong focus and engagement with the UK’s financial sector, and is passionate about protecting data and supporting innovation to this end.
Implications of a data breach and prevention strategies webinar will deep-dive into the following topics:
- Examples of significant data breaches
- Implications and lessons from case studies
- Organisational framework & structures to ensure compliance
- Breach prevention best practice
- Internal and external detection technologies
- Responding in the event of a breach
- 11:00 – Presentation Start
- 11:45 – Live Audience Q&A
- 12:00 – Closing Remarks
In an increasingly challenging data protection landscape, business leaders cannot afford to miss this unique opportunity to gain clarity on the issues at the heart of good data handling practice in the 21st century.
Attendees will also have the chance to air their views and have their questions discussed by our hosts in a live audience Q&A taking place after the 45-minute webinar.
Book your place today by registering today
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.