British Airways are set to be hit with a fine of £189 million due to a GDPR data breach that happened back in 2018.
The UK’s Information Commissioner’s Office (ICO) have been reviewing the way that British Airways have handled their customers’ personal data, and decided that they will issue the company with a big penalty.
What Classifies As A Data Breach Like This?
Approximately 500,000 people’s personal data was compromised in the breach. British Airways are now being fined under GDPR legislation because they did not protect their customers’ data in the way they ought to.
The ICO revealed that the data compromised consisted of:
- Company names.
- Login information.
- Payment cards.
- Travel booking information.
- Names and addresses.
British Airways responded by saying that they will appeal the decision. They claim that they responded quickly to the breach and that there was no fraudulent activity involving their customers’ information.
If You Hold Personal Data You Must Look After It!
Information commissioner Elizabeth Denham helpfully explained:
“People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it.”
“Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.”
How Do You Look After Your Customers’ Personal Data?
Of course, the ICO are taking this as an opportunity to warn all businesses to check and reconsider the way that they handle their own customers’ personal data.
Although the big companies are the ones that make the front pages, small and medium-sized businesses are not excused.
It is vital that business owners take responsibility for protecting their customers’ personal information now that GDPR rules are in place.
Data breaches can happen in businesses like yours and fines can be issued too.
For an accountancy firm like ourselves, adhering to GDPR and protecting our customers’ information has always been high on our list.
But these GDPR rules apply to any (and all) businesses that handle customer information, so you probably won’t be excluded!
Ensure that you take a moment in the coming week to check your own policies, or put some in place if you haven’t already, for both your customers’ sake and your business’s sake.