Information Commissioner calls level of data breaches "horrifying"

The number of "inexcusable" security lapses surrounding personal data has risen to unacceptable and deeply worrying levels.

The Information Commissioner, the UK's watchdog responsible for access to and the protection of information has told chief executives that the business world has to act now to address severe failures around data security.

Richard Thomas, the head of the independent authority, said the number of security breaches that result in sensitive employee or customer data being leaked is unacceptable. "Over the last year we have seen far too many careless and inexcusable breaches of people's personal information," said the Information Commissioner. "The roll call of banks, retailers, government departments, public bodies and other organisations which have admitted serious security lapses is frankly horrifying."

Thomas claims that basic data security practices are not being adhered to. "How can laptops holding details of customer accounts be used away from the office without strong encryption? How can millions of store cards fall into the wrong hands? How can online recruitment allow applicants to see each others' forms? How can any bank chief executive face customers and shareholders and admit that loan rejections, health insurance applications, credit cards and bank statements can be found, unsecured in non-confidential waste bags?"

Thomas points the finger at mobile phone network Orange - which last month was found guilty of breaching the Data Protection Act in regards to customer data - and the high street banks in particular. He says the people at the top of these organisations must do better.

"Business and public sector leaders must take their data protection obligations more seriously," Thomas claims. "The majority of organisations process personal information appropriately - but privacy must be given more priority in every UK boardroom. Organisations that fail to process personal information in line with the Principles of the Data Protection Act not only risk enforcement action by the ICO, they also risk losing the trust of their customers."

The Information Commissioner, who has often been criticised for his failure to act, says that from 24,000 enquiries and complaints in 2006/7, his office has prosecuted just 16 individuals and organisations.

Featured Resources

Seven steps to connect and empower your frontline workers

How business leaders can improve communication with a secure platform

Free download

Create what’s next

The future of collaboration and productivity

Free Download

Leveraging the cloud without relinquishing control

Your data. Their cloud.

Free download

Re-architecting for nonstop innovation

Unlocking productivity, scalability, and lower costs for cloud natives

Free Download

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
How to speed up Microsoft's Windows 11
Microsoft Windows

How to speed up Microsoft's Windows 11

9 Nov 2021
Nike to take customers into the metaverse with 'NIKELAND'
virtualisation

Nike to take customers into the metaverse with 'NIKELAND'

19 Nov 2021