- ICO wants more private sector companies to volunteer for audits
1. ICO wants more private sector companies to volunteer for audits
At the launch of his Annual Report today, the Information Commissioner, Christopher Graham, emphasised the need for conducting more audits in companies that are in sectors about which he receives the most complaints. He said that while 30% of the 100 companies they contacted in the private and public sector for a consensual audit agreed, the take up was only 19% when looking at just private sector companies.
Graham said: “Lenders, general businesses and direct marketing companies account for almost a third of total complaints to the ICO, and businesses were the top sector for reporting data security breaches to us last year. Despite this, many of them are still resisting our offer to undergo audits. We’ve written to organisations we consider to be high risk but the response has been disappointing.”
“These audits are not about naming and shaming those who are getting it wrong. The fact that a company has undergone a consensual audit should count as a badge of honour, showing that the business takes data security seriously. After all, sound data protection practices are irrevocably linked to providing good customer service.”
The ICO received the most positive response from central government departments, who are in any case subject to compulsory audits. The ICO issued 26 audit reports in 2010/11, and said that 97% of its recommendations had been adopted.
Graham also stressed the need for separate funding for data protection and freedom of information activities in the future, as well as the need to ensure the independence of his office. He said that the independence and the effectiveness of the ICO would be better secured by more flexible funding arrangements.
Christopher Graham and his senior staff will speak and answer your questions at the PL&B 24th Annual International Conference Monday to Wednesday next week, see www.privacylaws.com/annualconference
More about this topic in the PL&B UK Report, due at the end of July. To subscribe, see www.privacylaws.com
There is an opportunity to send the ICO questions relating to the Annual Report, see www.ico.gov.uk/about_us/performance/annual_reports.aspx
Questions and answers will be published on the ICO’s website in the next couple of days.
For further details on the Privacy Laws & Business UK Newsletter, please click here.
Copyright Privacy Laws & Business 2011