'Alarming' data breaches continue

Almost 100 organisations have reported breaches of data security in the last six months, it has been revealed.

Information commissioner Richard Thomas has been made aware of 62 breaches within the public sector, as well as 28 in the private sector and four within voluntary and charitable bodies.

His office described the figures as "alarming" when they were published on Tuesday, six months after the government admitted that HM Revenue and Customs had lost information relating to 25 million child benefit data.

Of the breaches made within the public sector, a third were reported by central government departments and their agencies, while a fifth were reported by the NHS.

Half of those reported by the private sector were concerning financial institutions.

Thomas said: "It is particularly disappointing that the HMRC breaches have not prevented other unacceptable security breaches from occurring.

"The government, banks and other organisations need to regain the public's trust by being far more careful with peoples personal information."

He called on leaders to make data protection a priority, before admitting that he was encouraged to see permanent secretaries taking the issue more seriously.

But, he added: "The evidence shows that more must be done to eradicate inexcusable security breaches".

The 94 breaches included the loss and theft of unencrypted laptops, computer discs, memory sticks and paper records, containing personal data which ranged from the financial to the medical.

In 16 cases, the Information Commissioners Office has requested that the bodies in question make procedural changes and in three instances the information has been recovered.

Shadow justice secretary Nick Herbert questioned how the government could be trusted with a national ID card database when two-thirds of reported breaches were the responsibility of public bodies.

"Perhaps this explains why the government has been so reluctant to accept our call for a new offence of reckless mishandling of data," he added.

But a spokesman for the Cabinet Office said steps had already been taken to improve information security.

In January, permanent secretaries were told there would be a ban on unencrypted laptops or disc drives leaving government premises.

The cabinet secretary's dictate followed the theft of three Ministry of Defence laptops containing the personal data of thousands of job applicants.

Cabinet secretary Sir Gus O'Donnell is also carrying out a review of data handling, due to report later this spring

The spokesman added: "In the interim, any security breaches that are reported are taken extremely seriously and will be thoroughly investigated."

• Email Story
• IM Story
• Printable View
• Blog This
• Post a Comment

Recommend this article

Sponsored Links

(What’s this?)