Accountants warned over data protection
A new ruling means compensation is now payable without the need to show financial loss in event of data breaches. Accountants need to protect themselves following the ruling in last month’s Google Inc. v Vidal-Hall Court case. The Court of Appeal clarified the rules under the Data Protection Act 1988, which were previously interpreted as allowing compensation claims only if a data breach caused a financial loss, according to law firm Moore Blatch.
The decision is likely to have a number of potentially wide-ranging implications, including a likely rise in class actions, in which a large number of individuals have suffered emotional distress or invasion of privacy due to the same data breach. Such claims could be very costly to accountants in terms of damages, the firm warns. John Warchus, partner, Moore Blatch, said, “Accountants, or indeed anyone in control of client data, will now have an even stronger incentive to comply with data protection rules.
The decision by the Court of Appeal is also consistent with the likely future trend of data protection legislation – the draft EU Data Protection Regulation will mean that someone can seek damages regardless of a financial loss. "Accountants should urgently review their data protection procedures and strengthen where necessary as more compensation claims are likely and the amount of damages awarded is also likely to increase.”
Moore Blatch warns that more stringent practices need to be in place for data where a financial risk might be exposed by a data breach, such as the holding of bank or credit card details, as “appropriate measures” will be tougher in the financial sector.
The Government launched Cyber security standards last year that can help accountants and other businesses deploy suitable controls and protection against data loss through Cyber-attacks.
If you would like to discuss how these standards can be deployed in your business please contact Maria West on 01268 494160 or email maria.west@yellowspring.co.uk