Solicitors who are not registered under the Data Protection Act will be presumed to be in breach of the act, the Information Commissioner's Office (ICO) warned this week.


The ICO revealed that recent prosecutions of London solicitors are part of a blanket crackdown on solicitors and accountants.



'We know that solicitors are almost certainly processing personal information, so anyone who has failed to notify under the act is almost certainly breaking the law,' a spokeswoman said.



Notification is a procedure required by the 1998 act of any organisation holding personal data about clients. It costs £35 per year. At least four solicitors have been successfully prosecuted this year, the ICO said.



In the latest case, Samuel Koranteng of Koranteng Hughes & Co in Edgware, north London, was fined £150 with costs of £539.20 for failing to notify as a data controller despite repeated reminders from the ICO.



Meanwhile, evidence of lawyers' shortcomings as data managers emerged from a survey published by a telecommunications supplier.



More than a quarter of UK law firms are guilty of leaving the security of their computerised archives to chance, Kingston Communications said. Of 200 solicitors surveyed, 28% admitted that their firms did not back up their data off-site, making them vulnerable to fire or flood.



Half of all firms rely on employees to back up data manually, described as a 'high-risk strategy'. Apart from risks to the business, failing to take measures against the accidental loss of personal data could also put a firm in breach of the Data Protection Act.



Firms based in the north, and with fewer than 10 partners, are the most likely to have poor back-up procedures, the company said.



The survey found the legal profession making increasing use of IT. Two-thirds of lawyers now use a handheld computer such as a BlackBerry at work.



Michael Cross