Recently I read two news stories on the same day. The first concerned EU proposals for tighter data protection laws. These included powers to impose fines of 1m or 2% of annual turnover on organisations that failed to protect the information they hold about people.
In Britain, the Information Commissioner’s Office already has powers to impose fines of Â£500,000 for data loss. Last year, the average penalty imposed was just over Â£77,000.
The other story I read concerned a 41 year old man who was operating a die-cast machine when 650ÂºC molten metal sprayed from the back of it, causing serious burns to his right arm, shoulder, leg and face. He was was unable to work for two months and continues to receive treatment for his damaged skin.
Magistrates were told there had been three similar incidents at the factory “ one of which caused serious injuries to another employee just seven months earlier. Despite this, and the fact that a risk assessment had identified the danger, nothing had been done to reduce the risks.
Inevitably the employer was found guilty of breaching health and safety laws. And the penalty? A reducedÂ fine of Â£6,000 following a plea of “financial difficulty”.
Now this is just one case, but reports suggest that the average fine for breaches of health and safety laws is around Â£24,000 for HSE (Health & Safety Executive) prosecutions and just Â£8,000 for local authority prosecutions.
In 2005, the last time the HSE reported average fines imposed following deaths at work, the average fine following a fatality was Â£30,000. Subsequent research suggests this has risen to between Â£50,000 and Â£100,000. So that’s about the same as the average fine imposed for loss of data.
Loss of life or loss of data. What’s more valuable?
People’s data is important and it’s right it should be adequately protected. But when it comes to penalties, isn’t it time we asked – have we got our priorities right?
Teresa Budworth, Chief Executive of the National Examination Board in Occupational Safety and Health
During a 30 year career in health and safety, she has specialised in safety consultancy; working with a number of Boards of Directors on implementing safety governance within large and diverse organisations. Her work on competence, education and training culminated in her appointment as Chief Executive of NEBOSH; the National Examination Board in Occupational Safety and Health, in 2006.
Prior to joining NEBOSH, Teresa combined management of Norwich Union Risk Service’s (now Aviva) Consultancy operation with her post as a non-executive Director and Trustee of NEBOSH and was Senior Examiner for Diploma Part One from its inception in 1997. She is a Visiting Senior Teaching Fellow and member of the Examination Board for post graduate courses in Occupational Health at the University of Warwick’s Medical School. She is a member of RoSPA’s National Occupational Safety and Health Committee and also serves on the judging panel for RoSPA’s annual occupational safety and health awards. She is a member of IOSH Council.