Human error is being blamed for an increase in data breaches reported to the Information Commissioner’s Office (ICO) despite an ongoing awareness of the need for appropriate education and processes to prevent such incidents.
According to a Freedom of Information (FoI) request submitted by encryption specialists Egress Software Technologies, one quarter of all data breaches between April and June 2014 involved the accidental loss or destruction of personal data and around 43 percent of these were caused by sending data to the incorrect email fax or postal addresses.
Only seven percent of breaches were caused by technical failings, with the remainder caused by human error, poor processes and systems in place, or a lack of care when handling data. Indeed, no fines have been issued due a technical error exposing confidential data, whereas £5.1 million worth of penalties have been handed out due to the poor management of sensitive information.
Egress suggests this implies that convenience rather than security is a bigger priority for businesses and organisations when they share data with third parties, especially given the current emphasis on data protection following a number of high profile breaches.
“It is concerning that such a high number of data breaches occur as a result of human error and poor processes, let alone the fact that this figure is actually rising,” says Tony Pepper, CEO of Egress. “Of course, we will never be able to completely rule out people making mistakes but clearly safeguards are urgently needed. Confusion can often put confidential data at risk, with users unsure of when and how to encrypt. Similarly, a continued reliance on fax and post demonstrates a disturbing lack of care and control taken to sensitive information.”
In total, the ICO has served up £6.7 million in fines since 2010, £4.5 million of which were issued to the public sector and therefore paid using taxpayer cash. The biggest fine to date was given to Brighton and Sussex University Hospitals NHS Trust in 2012 after hard drives containing a massive amount of sensitive data were sold on eBay in 2010.
The ICO itself is also not immune. Earlier this year the watchdog admitted it had breached data privacy regulations over the past month but was criticised for its lack of transparency over the incident which it described as “non-trivial”.
What do you know about ICO and its counterparts? Take our quiz!
United Nations body to protect undersea communications cables that are crucial for international trade and…
Weeks after CEO Mark Zuckerberg met with Donald Trump privately at Mar-a-Lago, comes news of…
Protecting American clean energy businesses. Biden administration plans to raise tariffs on certain Chinese products
News fee. Australia looks introduce mandatory charge on social media platforms and search engines to…
Discover the AI skills your business needs, from machine learning to ethics, and learn how…
Apple highlights its UK investment has grown to £18 billion, as CEO Tim Cook meets…