Data protection just took on a whole new level of seriousness
Mustafa Kasim of Palmer’s Green recently became the first person to be sent to prison following an investigation by the Information Commissioner’s Office (ICO).
Kasim had enjoyed access to thousands of customer records, including personal information, when he worked for Nationwide Accident Repair Services and later when he worked for another company in the same field.
The information, containing customers’ names, phone numbers, vehicle and accident information, was stored in a software system known as Audatex. Unfortunately, Kasim decided to unlawfully remove data from Autatex and sell it on which resulted in a lot of people receiving unwanted sales calls (we can all imagine the sorts of calls that we’re talking about!)
Mike Shaw of the ICO said, “Our investigations found that Mr Kasim had benefitted financially from his illegal activity. As a result of his activities, people whose data had been stolen received cold calls and his former employer faced huge remedial costs. Personal data obtained in this way can be a valuable commodity and selling it may seem like an easy way to make money but the penalties can be severe. The outcome of this case should serve as a deterrent to others.”
It certainly should act as a deterrent! Karim was sentenced to six months in prison for accessing personal data without permission and has been ordered to pay £25,500 under the Proceeds of Crime Act 2002. He has three months to pay it or could face a 12 month prison sentence. In addition to this, he also has to pay £8,000 costs.
Obviously, this is a less than ideal scenario for any company to find itself in, with an errant employee committing illegal acts while using company assets. Maybe there were safeguards that could have been put in place by the company to prevent this, maybe not. In any event, how secure is your business? To take the first steps towards finding out and preventing information security problems, why not talk to Brigantia? Working with your local Brigantia Partner, services between a Data Protection gap analysis through to full ISO 27001 are available. It costs nothing to have a quick chat…
Get in touch – firstname.lastname@example.org / 020 3358 0090.