ICO Updates Strategy for Data Protection Standards in the Public Sector
The U.K. Information Commissioner's Office on Tuesday updated its approach to improving data protection standards in the public sector, saying early engagement often works better than fines.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
The ICO has focused on raising data protection standards in the U.K. public sector in recent years, Information Commissioner John Edwards blogged Tuesday. It prioritizes early engagement and other enforcement tools such as warnings, reprimands and enforcement notices, with fines issued only for "the most egregious breaches."
The approach has three advantages, Edwards wrote. It emphasizes improvement rather than punishment; it minimizes unintended consequences for public services and people, such as by reducing budgets for vital services; and it gives regulatory certainty by clarifying ICO expectations early.
Even so, Edwards said he will reconsider his approach if needed.