GDPR – ICO Takes Action Against Organisations That Have Failed To Pay New Data Protection Fee

GDPR – ICO Takes Action Against Organisations That Have Failed To Pay New Data Protection Fee

ensure your business is GDPR compliant

The General Data Protection Regulation (GDPR) only came into force 5 months ago, on 25th May 2018, and already the ICO have begun taking action against organisations.

Last month, the Information Commissioner’s Office (ICO) announced that it is taking formal action against 34 organisations under the GDPR, for failing to pay the new data protection fee for 2018. These organisations, that include financial services, recruitment companies and NHS bodies, could face a fine of up to £4,000 should they fail to pay the fee.

A data protection fee is the annual cost that companies must pay to the ICO, and this fee varies between £40 and £2,900 per year. This was also the case under the Data Protection Act 1998. Where organisations that collect and handle personal data had to pay an annual registration fee to the ICO.

Under the General Data Protection Regulation, the yearly fee you pay depends on the size of your organisation. Micro-organisations will pay an annual fee of £40, SMEs (small and medium-sized organisations) will pay a £60 fee, while large organisations will pay £2,900 for the year.

The notices of intent to the 34 organisations were sent last month, and these organisations had 21 days to respond with payment. If they pay the fee, action from the ICO will stop. Failure to pay the fee will result in a fine, which will range between £400 and £4,000, and again, this will depend on the size of your business.


How Ghost Can Help?

If you’re worried about how GDPR will affect your business, you can get in contact with Ghost. Ghost are experienced GDPR experts, and have partnered with our friends at IT Governance to provide GDPR Consultancy, Assessment and Compliance services to local businesses in Essex, Hertfordshire and Cambridgeshire.

Take the first steps towards GDPR compliancy by contacting 39 Degress on 01279 800039 and speaking directly with one of our data protection experts. You can find out more about our GDPR Consultancy services by visiting our GDPR page.

Facebook Security Breach: October 2018

Facebook Security Breach:
October 2018


On Tuesday 25th September 2018, Facebook was the victim of a cyber-attack, which has affected over 30 million Facebook users. This attack is the worst security breach that Facebook has been the victim of, with the hackers successfully accessing the personal data of 29 million Facebook accounts.

Facebook has launched an investigation into this cyber-attack, after discovering that the attackers had obtained tokens from the system, which allows them to request certain information from the platform.

The hackers have accessed a range of information from these users, including their personal information and contact details. For around 15 million users, the attackers obtained their usernames and contact details, and this includes their phone numbers and email addresses.

For the other 14 million Facebook accounts, the hackers accessed the above information, as well as their gender, language, relationship status, religion, hometown, current city, birthdate, education and more.

Facebook users can check whether they have been affected by the attack by visiting their Help Centre. Victims should also have received a message from Facebook themselves, informing whether you are 1 of the 30 million, and explaining which information may have been accessed.


Cyber Security for your business

Here at 39 Degress, we believe that cyber security is paramount for running a business. If large organisations are vulnerable to security breaches, it’s important that you are protected from cybercrime.

With our Cyber Security services, we’ll help protect your business against the latest ransomware, malware, hackers and other threats, and ensure that you avoid becoming the victim of cybercrime. Ghost will also ensure that your business-critical data is secure and that your business complies with ISO27001 and GDPR regulations.

Our Cyber Security services include PEN testing, anti-virus and anti-malware, 2-factor authentication, email security and even Certified Cyber Security training for your workforce. To find out more about how Ghost can help improve your cyber security capabilities, call our team today on 01279 800039 and speak directly with one of our experts, who can help you prevent a cybercrime from occurring. You can also find out more by visiting our Managed Cyber Security services page.