The Cost of Data Leakage

A law firm could be fined up to £500,000 by the Information Commissioner after sensitive personal data about thousands of people was reportedly made public in error.
ACS: Law acts for content producers taking action against alleged copyright infringers and keeps information on its systems about people and the material that they are suspected of copying or sharing. In September, the law firm was the subject of a Denial of Service attack in which automated attempts to access a website overload the server, effectively taking the site offline. It has been reported that, in the process of restoring the website, a backup database of emails was accidently made public.
The emails reportedly expose the names and other personal details of individuals accused of illegally copying a range of material, including pornography. The number of individuals is reported to be higher than 10,000.
Information Commissioner Christopher Graham told the BBC that his office would investigate the matter, and hinted that the case could provide a first chance to use the extra powers the Commissioner was recently granted. “We’ll be asking about the adequacy of encryption, the firewall, the training of staff and why that information was so public-facing and how it was so easily accessed from outside.”
"The Information Commissioner has significant power to take action and can levy a fine of up to half a million pounds on companies that flout the Data Protection Act," he said. "I can’t put [ACS Law] out of business, but … a company that is hit by a fine of half a million pounds suffers real reputational damage."
So what is your company doing differently from ACS: Law? What policies and procedures do you have in place to ensure that private information remains secure? How is your compliance with the Data Protection Act audited – or could you easily afford the possible fine or damage to your reputation?
If you don’t know the answers to these questions, then Regency ITC can provide you with the expertise and experience you need to help prevent your company falling foul of the Information Commissioner and to keep your professional reputation intact.