The number of data breaches reported to the Information Commissioner’s Office (ICO) has soared to 277 since HMRC lost 25 million child benefit records nearly a year ago. New figures, released today by the ICO, include 80 reported breaches by the private sector, 75 within the NHS and other health bodies, 28 reported by central government, 26 by local authorities and 47 by the rest of the public sector. The ICO is investigating 30 of the most serious cases.
In his speech at the Royal Society of Arts in London Thomas highlighted the risks associated with large databases, the need for tougher sanctions to deter breaches and called he on chief executives to take responsibility for the personal information their organisations hold.
"Data losses did not start with the loss of 25 million child benefit records by HMRC nearly a year ago. We had been warning of the problems for some time before then, but that was the case that undoubtedly catapulted the issue close to the top of the public and political agenda," said Thomas.
Thomas called the data loss "alarming" and said there had been examples where data loss or abuse has led to fake credit card transactions, witnesses at risk of physical harm or intimidation, offenders at risk from vigilantes, fake applications for tax credits, falsified Land Registry records and mortgage fraud.
"Used properly and intelligently, personal information can lead to better customer service, improved efficiency, more effective law enforcement and protection of the vulnerable and a better quality of life for everyone. But this means respecting and protecting people’s privacy and personal information - data protection has never been more important," he said.
Thomas is sceptical about placing a statutory duty on organisations to notify people directly whenever a breach occurs. Each breach carries different levels of risk and, consequently, requires a different response.
Following serious data breaches in the past year, the Information Commissioner’s Office has taken enforcement action against Orange Personal Communications Services Ltd, HMRC, the Ministry of Defence, the Department of Health, Virgin Media Ltd, Skipton Financial Services, the Foreign and Commonwealth Office, Carphone Warehouse and Talk Talk.
United Kingdom
Accountability for data security rests at the top says Thomas
LONDON - The Information Commissioner Richard Thomas has said bosses must stop leaving data security to the "IT boys". He called on companies and organisations to hold the least amount of data possible, warning they would face tougher penalties when any is mishandled.
_1.jpg)
.jpg)
