The U.K. Information Commissioner’s Office (ICO) proposed a 6.1 million pound (U.S. $7.8 million) fine against Advanced Computer Software Group, an IT contractor for the National Health Service (NHS) that allegedly failed to secure the data of 83,000 people after a cyberattack.

The ICO said in a press release Wednesday it provisionally penalized Advanced after the company allegedly failed to implement basic cybersecurity controls to protect personal data. If finalized, the enforcement action would be the agency’s first financial penalty against a data processor under the U.K. General Data Protection Regulation (GDPR).

Learn More
Already a member? Sign in to an existing account.

Neil Hodge is a freelance business journalist and photographer based in Nottingham, United Kingdom. He writes on insurance and risk management, corporate governance, internal audit, compliance, and legal...