British Airways has recently been issued with a notice by the Information Commissioners Office (ICO) with the intention to fine them £183.39M for infringements of the General Data Protection Regulation (GDPR).
The fine has been proposed as a result of a cyber-attack that was notified to the ICO by British Airways and although they are working closely with the ICO to improve security arrangements, the personal data of approximately 500,000 customers was compromised by the attack.
The Information Commissioner's Office website highlights that there are just over 500k fee-paying entities on the register. In contrast, there are 2.67m active VAT/PAYE businesses in the UK; nearly 170k charities in England & Wales alone; and thousands of sports and other associations.
Many have not registered, not because they want to avoid their legal obligations but because they don't understand the core principles of GDPR and data protection, and so don't feel confident in addressing the issue.
With a lack of understanding of what is expected around their duties and individual rights in relation to their personal data, too many organisations are leaving it to their data protection officer or data lead and too few have made the investment in training for ALL team members.
We have developed “GDPR-Accredited Training”, a fun and engaging immersive learning app designed for businesses of all types and sizes.
Designed by our data protection expert, our accredited, affordable and flexible training solution gives organisations reassurance that their staff understand individuals rights, the principles of data processing and their responsibilities under the Regulation, as well as providing advice on data audit and policy making.
Don’t risk your bank balance and your hard earned reputation, make an investment in GDPR training for ALL of your staff.