The ICO has recently fined the London estate agency, Life at Parliament View Limited (LPV), £80,000 for leaving the personal details of 18,610 of its customers exposed for almost two years.
The compromised data included bank statements, salary information, passports, dates of birth and addresses of tenants and landlords.
The ICO was scathing in its report. LPV had failed to switch off an ‘Anonymous Authentication’ function when data was transferred to a supplier and this allowed anyone going online to have full access to all the information and LPV only reported the matter when a hacker contacted them. The ICO identified significant security errors and found that LPV had failed to take appropriate technical and organisational measures to protect the data.
This case is another reminder to businesses that they must carry out a data audit and put in place the appropriate frameworks and systems to comply with GDPR.
How Blaser Mills Law can help?
We provide businesses with varying levels of GDPR support to suit their needs. We can help with initial audits through to notices, policies, procedures, subject access requests, breach reporting, transfer and processing agreements and ongoing, large-scale project work.
Additionally, we advise businesses on regulation and compliance and can act quickly if you have a data breach and face enforcement action and claims from data subjects.
Our services include:
- Data Protection Officer
- Data Compliance
- Data Breach reporting
- EU representation
- UK representation
For more information on our services, click here.
Should you wish to discuss your GDPR requirements, please contact James Simpson on 01494 478689 or at firstname.lastname@example.org.