I do love a good old ‘lessons learnt’ piece and this one from Hogan Lovells is no different.
There are some very important elements in this piece which should be looked at by all if they are interested in GDPR and associated fines. Key learnings in this piece focus on the preventative measures one should take, what security needs to be implemented, what security standards the ICO expects and how to respond if you are in the firing line. Take a read to understand these learnings in more detail..
Robert Grosvenor in my team could certainly add more on this if this is a topic you are interested in. He can be found here: https://www.alvarezandmarsal.com/our-people/robert-grosvenor
On 16 October the UK Information Commissioner (ICO) confirmed that it had imposed a fine of £20m on British Airways (BA) for infringing the GDPR by failing to protect the personal data of approximately 400,000 of its customers following a data breach in 2018.