I am often asked if it just organisations that face the wrath of the ICO these days. I haven't seen much in the way of action against individuals in recent years but the following case was mentioned in the ICO newsletter this month:
Phillip Bagnall, aged 33, who was an employee of Nationwide Accident Repair Services Limited (NARS) when he was found to be accessing suspicious volumes of customer data from a laptop at home outside of work hours, which it later transpired he sold to nuisance callers promoting accident claims.
He was ordered to pay a total of £914 in fines and costs when he appeared at Manchester and Salford Magistrates’ Court.
It serves as a timely reminder to staff that there is still personal as well as organisational liability!