ICO Reports 25% Increase in Data Breaches in Q3

The Information Commissioner’s Office (ICO) published its Q3 statistics this week, revealing that reported data breaches rose by 25% in the third quarter. The continued upward trend saw 420 reported breaches, which is up 397 from the previous quarter, giving a running total of 1152 for the financial year.

As for the type of breaches, the usual offenders headed the list: personal information being disclosed in error, lost or stolen paperwork, and loss of hardware containing sensitive information.

What’s clear to me here is that most of the breaches could have been prevented. The implementation of proper data handling procedures and some simple staff training could have reduced the number of these incidents.

These solutions aren’t expensive, especially when you consider the powers of the ICO to fine up to £500k. If you’re unsure about whether your data handling processes are sufficient and compliant with the Data Protection Act, I suggest you take a look at a DPA guide or a DPA Foundation training course.

And the gold medal for the most breaches goes to…

The health sector – Accounting for 38% of all breaches, the health sector takes home its third gold medal of the year. I’m being slightly mean though, as it should be noted that the NHS is obliged by Government laws to report breaches.

If all organisations were subject to this obligation I’d expect the total figure of breaches to be drastically higher!

You can view the full breakdown of breaches by industry and incident type here on the ICO’s official website.

2014 is a very important year for all things data related. There continue to be breaches across the public and private sector, whilst there have been several huge incidents involving US retailers Target and Neiman Marcus. 2014 is also the year when the proposed EU Data Directive is set to be finalised and come into force.

There will undoubtedly be more scrutiny on how all organisations handle data; it’s also in your own interest to look at and improve how you handle and store data.

My advice: act now and get your data house in order.

The pocket guide ‘Data Protection Compliance in the UK’ is a pretty good place to start.