PLEASE NOTE: Our website uses a technology called cookies to improve your experience. One of the cookies we use is essential for parts of the site to operate and may have already been set. You may delete and block all cookies from this site, but parts of the site will not work. For more information see our privacy policy.

To accept cookies from this site (and hide this notice) please check this box and click the continue button.

HomeThe IssuesOur ServicesOur TeamPublicationsTestimonialsNewsletterContact us

ICO fines for inaccurate data

Prudential has been hit with a £50,000 fine for accidentally merging the accounts of two of its customers, who share the same name and date of birth. It is the first time the ICO has fined a company for something other than a serious data breach and indicates that the regulator is widening the areas of enforcement under the DPA.
The customers were given confidential financial information about each other by Prudential and lost thousands of pounds as a result of the data mix-up.

The ICO said that financial services giant Prudential was in serious breach of the Data Protection Act for not having accurate and up-to-date records.

The case clearly involved serious damage to the customers concerned, whose files were consistently confused by the company.  However, the penalty marks a very clear expansion of the type of breach the ICO will fine for, up until now fines have been reserved for serious data losses.

Other recent items: