The Law. Individuals at all levels can be prosecuted and fined or even gaoled if it can be established that they had knowingly disregarded policies employee data and procedures put in place by their employers to protect data. Even former employees are not exempt. 2. Survival. If your employer suffers a financial loss or a loss of business due to a data breach, the employee data profitability or even viability of the business could be at risk. How safe would your job be? 3. Your CV. Your career could suffer if your present or potential future employers believed their data was not safe with you. Myth No. 4: "It's a Box-Ticking Exercise." There are many employee data things we are all required to do to comply with all kinds of legislation and the Data Protection Acts certainly impose a lot of requirements on everyone.
This is also true of the Health and Safety at employee data Work Acts and many others. However, just as I hope you would not want to be the cause of someone's injury or even death, I hope you would not want a lot of information about employee data your employees or your clients to get into the wrong hands. Apart from the power of the ICO to prosecute you, there are three other good reasons to keep data safe: 1. Civil claims. Even without the DPAs you could always have been sued for negligence or breach of contract if clients believed they had suffered losses as a result employee data of your failure to protect their data. 2. Your reputation.
Potential clients and employees might not want employee data to know you if they do not trust you with their data. 3. The consequences. You do not know what would be the consequences if your data got into the wrong hands. Who would they pass it on to? Myth No. 5: "It's Only for Big Businesses." It is true that there are different legal requirements for employee data different sizes and types of business, but there are two things even the owners and managers of even the smallest of businesses need to remember: 1. The Law. Any business, even a sole trader, can be prosecuted or sued for losing a client's data. One sole trader was fined 500 in 2012 because an employee data encrypted hard drive was stolen from his car, putting at risk the data of 250 clients.