Once more unto the breach, dear friends

2040 information law blog

For some time, the Information Commissioner’s Office has advised organisations of all shapes and sizes to indulge in the masochistic activity of ‘breach notification’. Though taken to absurd levels of hair-shirtery in the NHS and some councils, the belief that any attention-grabbing data-related cock-up must automatically be reported to the ICO is widely held. I offer a modest prize for anyone can find me the interview in which Christopher Graham – earlier in his tenure – mistakenly claimed that breach notification was mandatory. I sometimes cause a frisson in training sessions when I quietly suggest that there is no such obligation, and on one memorable occasion, I was even shouted at by an angry Data Protection Officer who had just told his employer that they were obliged to report. My advice, gentle reader, is that if you think that reporting an incident to the ICO will improve your compliance with…

View original post 1,552 more words


One thought on “Once more unto the breach, dear friends


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s