The UK Information Commissioner, Richard Thomas, is seeking the introduction of a new criminal offence under which employees who lose laptops with unencrypted sensitive personal data could face unlimited fines.
The legislation would be aimed initially at healthcare workers who might, for example, leave a laptop in a car from where it is stolen. This, according to Thomas, constitutes “gross negligence”. Thomas added that anyone holding sensitive personal data on a laptop should know the basics of encryption.
A second proposed law would empower officers of the Commissioner’s office to inspect companies without consent to monitor their compliance with data protection laws.
Security managers seeking to gain a greater understanding of information protection, laptop security and encryption may wish attend the regular Information and IT Security Workshops, which are part of ARC Training’s Security Management Stage 1 Course. Forthcoming dates for the Information and IT Security Workshops are:
22 November 2007
7 April 2008
11 August 2008
24 November 2008