Southampton 02380 482 482
Winchester 01962 679 777
Paris Smith

28th September 2018

ICO takes action against organisations for failure to pay data protection fee

28th September 2018

ICO takes action against organisations for failure to pay data protection fee

Ryan Mitchell

Posted: 28th September 2018

T: 023 8048 2316

E: Email Me

The ICO recently issued formal enforcement notices to 34 organisations that had failed to pay their data protection fees. The fee is a new requirement under the Data Protection (Charges and Information) Regulations 2018 which came into force on 25 May 2018 to coincide with the General Data Protection Regulation (GDPR) and Data Protection Act 2018. Those who ignore the notices or refuse to pay may face a fine of up to £4,000, with the ICO having the power to increase the fine by up to a further £4,350 where there are aggravating factors.

It had previously been suggested, due to the ICO doing away with its notification requirement, that there would be no fee to pay. However, all organisations that process personal data must now pay a fee to the ICO unless they are exempt. The money is used to fund its data protection work and its new and expanded services, such as the ICO advice line.

The fee is priced over three tiers, ranging from £40 to £2,900. Organisations can use the ICO’s self-assessment tool to calculate how much they need to pay. Click here to view. Organisations with charitable status will always fall within tier 1 regardless of size or if they are a public authority.

The ICO has stated that more notices are in the drafting stage and will be issued shortly. Those receiving a notice will have 21 days to respond. If they pay the relevant fee, no further enforcement action will be taken.

If you have any questions about the new data protection fee or about data protection compliance generally, please contact Ryan Mitchell by email or by phone on 02380 482316.

Share This

Comment

Ryan Mitchell

Posted: 28th September 2018

T: 023 8048 2316

E: Email Me