UK to drastically increase penalties for data breaches
Compliance with data protection legislation is no longer only a matter of best practices for enterprises. The penalties for non-compliance are serious – and are about to become considerably more severe.
In the UK, which is second only to the U.S. in terms of the occurrence of data breaches, the Data Protection Act (DPA) is the most important legislation dealing with information security. The DPA specifies the responsibilities organizations must assume in processing and sharing data that may be considered personal or private. Any failure to handle personal data in a fair, proper and secure way can lead to a variety of penalties including fines, audits without consent and possible prison sentences.
In the UK, the Information Commissioner’s Office (ICO) is currently responsible for the enforcement of the Data Protection Act 1998. When enforcement of the EU General Data Protection Regulation (GDPR) begins on May 25, 2018, organizations responsible for data breaches will find the penalties they face increasing dramatically. From the current theoretical maximum of £500,000 that the ICO can issue, penalties can increase to up to €20 million or 4% of annual global turnover – whichever is higher.
Solutions for DPA and GDPR compliance
In today’s business environment, sensitive and personal information is routinely shared and manipulated by numerous people in different offices. For an IT professional, the task of addressing security concerns and complying with stringent industry regulations while keeping infrastructure costs and operational risks under control is becoming extremely challenging.
The least secure method of exchanging information is the standard email. Alternative solutions for secure document exchange, such as electronic signatures and encrypted email software, do exist. But they are generally complex to implement and less than user-friendly to use.
However, there is a proven solution that is secure, easy to use and creates documents that are almost impossible to intercept. That solution is the good old fax.
Despite what some people may think, the fax is still a critical component of an information exchange system. Fax solutions have evolved significantly in recent years, from physical machines to software-based solutions that leverage Internet networks (FoIP, Fax over IP) and allow users to securely send and receive sensitive or confidential faxes by email. However, unlike an email file, the content of a FoIP-based fax is virtually impossible to manipulate or intercept.
FoIP solutions are also flexible, easy to use, and extremely cost-efficient. There is no longer any need to buy toner or paper, and communications costs are drastically reduced. As a result, fax use in many sectors is increasingly widespread. It has been widely adopted in the Financial, Legal, Healthcare, Manufacturing and Public sectors, owing to its high security and to the proof of transmission provided by the acknowledgment receipt.
Data breaches have the potential to cripple any organization in both financial and reputational terms. A secure data transfer method like FoIP can be invaluable, which is why more and more companies are turning to FoIP providers for Secure Document Exchange solutions that can help them comply with data protection standards and regulations and reduce both organizational risks and costs.