Another GDPR data breach hits the headlines
No sooner have we published a blog about British Airways’ largest GDPR fine on record than we find another story in the news.
It seems that the hotel chain Marriott International is next in line to be subject to one of the largest GDPR fines since the new GDPR laws were introduced last year. According to a recent story, the fine relates to an incident that is thought to date back to 2014, but was only discovered in late 2018. During that time, around 339 million guests had their personal details exposed in a data breach that could lead to one of the ICO’s biggest fines to date.
The data breach included 30 million guest records that were held in a reservation system, and it occurred within a rival hotel group that was acquired by Marriott three years ago.
Whilst the system has since been phased out and eradicated completely from the hotel chain, the Information Commissioner’s Office (ICO) states that the fine still stands, as the rules relating to GDPR, and the personal details held by a company, are very clear. The ICO also states that organisations should be accountable for the data they hold by carrying out proper due diligence: in the case of Marriott, at the point of acquisition, but equally for any organisation looking to access or store any personal data it holds for its customers.
It seems that the ICO is starting to make examples of organisations that do not toe the line, and the size of the BA and Marriott penalties (£183m and £99m respectively) shows that the fines for those who do not comply are eye-wateringly high.
The General Data Protection Regulation, best known as GDPR, was brought into force in 2018 and aimed to give the public more transparency as to how their data is being stored, used and accessed. It seems that one year on, the ICO is not taking any nonsense and the fines will stand for both of these organisations.
If you would like some further information or guidance surrounding the new GDPR legislation, contact Downs Solicitors to see how we can help.