Information Commissioner recommends monthly data breach report from comms providers

Previous regulations did not stipulate time frame

The Information Commissioner's Office (ICO) has recommended that communications providers submit a list of data breaches every month.

In updated guidance for businesses, the ICO said that while this would help tackle the problem, the more significant breaches needed to be disclosed as soon as they have happened.

There is already European regulation that stipulates comms providers must detail any breaches, but until now there had not been a specific time frame, in spite of the regulations being updated this year.

Claire McCracken, a data expert at law firm Pinsent Masons, said: "Whilst the regulations provide for an inventory of personal data breaches to be maintained by service providers, the guidance goes further than this and recommends that the log is sent to the ICO on a monthly basis.

"This will avoid duplication of work for the organisation concerned and ensure compliance with the obligations under the amended regulations," she said.

Join the newsletter!

Error: Please check your email address.

Tags securityInformation Commissioner's Officepublic sectorIT Business

More about ClaireICO

Show Comments
[]