Data protection monetary penalties have increased by £2m in the past year, while the number of enforcements issued fell by more than 20 from the number issued in 2017.
According to PwC’s 2018 Privacy & Security Enforcement Tracker, monetary penalties issued to UK organizations for breaching data protection laws in the calendar year 2018 totaled more than £6.5m in 2018, over £2m more than the previous year.
The data also showed that while the total sum of fines has increased, the number of enforcements issued fell to 67 in 2018, from 91 in 2017.
After we marked a year since the deadline for GDPR compliance, the data also showed that private sector companies accounted for 86% of the enforcements, but scrutiny remains on the public sector given the sensitive nature of the data it handles. Also, a quarter (25%) of enforcement actions relate to personal data security breaches.
Stewart Room, lead partner for GDPR and data protection at PwC, said that the trend of enforcement remained constant in comparison with previous years, with marketing and security infringements dominating the regulatory agenda.
“The absence of any GDPR fines in 2018 was not surprising, as it takes many months for cases to work through the system, but we know that they are on their way,” he said. “As well as looking at how to improve their levels of legal compliance, I would encourage organizations to focus on how good approaches to the handling of personal data can help them to deliver on their business purpose, to help and sustain the creation of long term value and trust.”
In an email to Infosecurity, Emma Loveday-Hill, senior associate and data protection specialist at ..
Support the originator by clicking the read the rest link below.
