ICO fines for inaccurate data
Prudential has been hit with a £50,000 fine for accidentally merging the accounts of two of its customers, who share the same name and date of birth. It is the first time the ICO has fined a company for something other than a serious data breach and indicates that the regulator is widening the areas of enforcement under the DPA.
The ICO said that financial services giant Prudential was in serious breach of the Data Protection Act for not having accurate and up-to-date records.
The case clearly involved serious damage to the customers concerned, whose files were consistently confused by the company. However, the penalty marks a very clear expansion of the type of breach the ICO will fine for, up until now fines have been reserved for serious data losses.
Other recent items: