In this podcast, data privacy/data security expert Jonathan Armstrong and Compliance Evangelist Tom Fox use the framework of GDPR to discuss a wide range of issues relating to these topics. They consider what the US compliance and InfoSec security expert needs to know about what is happening in the UK, Europe and beyond. In this episode, we discuss the recently announced proposed fine by the UK Data Protection Regulator against British Airways (BA) after its data breach. She intends to fine the airline £183.39 million (approximately $230MM).

Some of the highlights in this episode include:
  1. This proposed fine represents the largest GDPR fine in the UK.
  2. As the fine is now open to comment by BA and other national data protection regulators, the amount of the final fine may change.
  3. The BA CEO comes out swinging against this fine.
  4. What was the role of the ICO as ‘lead regulator’?
  5. Will BA’s tone-deaf posturing hurt or help it with the final penalty?
  6. What did BA know and when did they know (yes that is the famous Watergate question) will be a critical analysis.
  7. What remedial measures did BA engage in after it became aware of the breach?
  8. What are the lessons to be learned by the data privacy officer?
For more information on Cordery Compliance, go their website here.

For additional reading see the Cordery Compliance article, “UK Data Protection Regulator Announces Intention to Fine BA after Data Breach”.

Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.