Simple carelessness is the number one reason behind the majority of the data breaches in the UK, according to figures from the Information Commissioner’s Office (ICO). Data destruction is a serious business, and sensitive information needs to be handled very carefully in today’s data rich world.
The ICO recently revealed in a blog post that most of the data breaches that were reported in the first quarter of the year came about through carelessness in handling sensitive information, and could therefore have been easily avoided.
A total of 335 incidents were reported from the start of April to the end of June 2013. Of these, 175 came as a result of personal data being ‘disclosed in error’.
This included mistakes such as emails being sent to the wrong people, and sensitive information being included in freedom of information responses by mistake. As well as this data destruction was not handled properly.
Other problems that led to data breaches included:
- Paperwork being lost or stolen (42 cases, making it the second-highest reason)
- Hardware being lost or stolen (29 cases)
- Technical security failings (27 cases)
- Disposing of paperwork in a non-secure way (12 cases)
- Uploading information to a website by mistake (7 cases)
The health sector and government made up most of the cases (91 and 57 respectively), and educational establishments and solicitors were also high up the list, as were charities.
These figures help to demonstrate just how easy it is to make a mistake that leads to a serious data breach – which could lead to a large fine from the ICO. Is it time you checked your own processes for data protection and data destruction to reduce the chances of a data breach occurring in your organisation?
Image courtesy of Stuart Miles / FreeDigitalPhotos.net