That works out at £20 per cough!
Expensive for failing to use the correct box of tissues to clean up.
Actually this is about a hacker who sought to extort money from the the British Pregnancy Advisory Service having performed a simple examination of their web site: he discovered 10,000 customers without the correct protection for their er… records.
Make up your own joke and insert here!
Apparently the Information Commissioners Office does not feel charity begins at this particular organisation’s home. It is one of the first major publicised fines raised. It suggests that various excuses including charitable status and lack of knowledge are no defence. It also indicates that the “going rate” is a fine of around £20 per coughed up or incorrectly stored address and contact details used without adequate protection.
It brings into perspective:
- Our insistence on ensuring all the data we store is in a separate database from the web site.
- Web site access is always protected by https certificates.
- Personal information is split from web profiles.
And many other bits of careful design that meet the criteria for good web security.
The extortionist received a 32 month sentence.
Dave Smith of the Information Commissioner's Office said:
"There's a simple message here: treat the personal information you are holding with respect. This includes making sure you know just what information you are holding and that it's subject to up-to-date and effective security measures."
Related links here
Information Commissioner's Office (ICO) Ruling
British Pregnancy Advisory Service
How much could your agency rostering web site cost you?