16 April, 2020
Yesterday, the ICO published a document which sets out how it will regulate data protection compliance during the coronavirus pandemic. The document should provide comfort to organisations facing staff and operations shortages and acute financial pressure, that the ICO will take a pragmatic and proportionate approach to regulation during these unprecedented times.
In the document, the ICO has recognised that the public health emergency has meant that the ICO has had to reassess its priorities and resources. Therefore, the ICO will be focussing on:
In practice, this shift in focus by the ICO will mean:
The ICO has urged organisations to continue to report personal data breaches to them where appropriate although it will take an empathetic and proportionate approach to those breaches reported. The ICO expects to conduct fewer investigations during this time and will focus its efforts on serious non-compliance and organisations deliberately breaching data protection law in order to take advantage of the current crisis.
The current data protection law is flexible and is not a barrier to keeping the public safe during this crisis. This document highlights how the ICO intends to regulate data protection compliance in the coming months. It will be kept under review and will be updated as necessary as the situation progresses.
A copy of the publication can be viewed here - https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2020/04/how-we-will-regulate-during-coronavirus/
For more information contact Bethany Paliga in our Governance, Procurement & Information department via email or phone on 01254 222347. Alternatively send any question through to Forbes Solicitors via our online Contact Form.