ICO fines transgender charity for data protection breach exposing sensitive personal data
Retrieved on:
Thursday, July 8, 2021
The Information Commissioners Office (ICO) has fined transgender charity Mermaids 25,000for failing to keep the personal data of its users secure.
Key Points:
- The Information Commissioners Office (ICO) has fined transgender charity Mermaids 25,000for failing to keep the personal data of its users secure.
- Under the UK GDPR, organisations that are responsible for personal data must ensure they have the appropriate technical and organisational measures in place to ensure personal data is secure.
- During the investigation the ICO discovered Mermaids had a negligent approach towards data protection with inadequate policies and a lack of training for staff.
- Mermaids cooperated fully with the ICO investigation and has made significant improvements to its data protection practices since becoming aware of the security breach.