A call by the information commissioner for greater powers to check on how companies protect personnel data has been met with a mixed response from business groups.
Richard Thomas wants a new right to inspect and audit a company’s systems without prior permission, pointing to a “horrifying” number of firms, government departments and other public bodies that have breached data protection rules in the past year.
The Information Commissioner’s Office (ICO) has received 24,000 enquiries and complaints about personal information in the past year. A breach was likely to have occurred in 35% of cases.
Thomas, who is responsible for enforcing the Data Protection Act, said: “My message to those at the top of organisations is to respect the privacy of individuals and the integrity of the information held about them. We have seen far too many careless and inexcusable breaches.”
Jeremy Beale, head of e-business at the CBI, told Personnel Today: “By calling for the ability to inspect firms’ files without consent, the information commissioner is in danger of leading businesses into the very surveillance society he [has warned against].”
Ben Willmott, employee relations adviser at the Chartered Institute of Personnel and Development, said additional powers could help highlight the serious nature of personal data breaches. “HR has a strong role to play in ensuring that good awareness and communication are passed on from line managers down to staff where personal data is concerned,” he added.
But the Ministry of Justice, responsible for overseeing the ICO, said the commissioner already had adequate powers.