Mike Bradford provided us with the latest update on UK privacy and data protection matters. To read his monthly report please click on the link below. Here is a summary of key items:
The UK Information Commissioner has published information to help organizations understand what data security incidents it is seeing.
Information about incidents comes to the ICO’s notice from self-reports by data controllers, media reports, whistle-blowers and reports from data subjects. The health sector has had significantly more incidents under consideration by the ICO than other sectors, followed by local government and general business. It is mandatory for the health sector to report data security incidents, but the sector also clearly deals often with highly sensitive data.
The number of incidents identified in finance, insurance and credit increased by 36% in Q4 2015/16 and Q1 2016/17. The ICO liaises directly with the Financial Conduct Authority to discuss trends, incidents and ways to address issues.
The charitable and voluntary sector also saw an increase in incidents and the ICO is undertaking a large amount of work in this sector, particularly around fundraising.
Yahoo Data Breach
In response to the recent Yahoo data breach, Elizabeth Denham, the UK Information Commissioner, has said:
“The vast number of people affected by this cyber attack is staggering and demonstrates just how severe the consequences of a security hack can be.
“The US authorities will be looking to track down the hackers, but it is our job to ask serious questions of Yahoo on behalf of British citizens and I am doing that today.
“We don’t yet know all the details of how this hack happened, but there is a sobering and important message here for companies that acquire and handle personal data. People’s personal information must be securely protected under lock and key – and that key must be impossible for hackers to find”.
To read the full report click on this link: newsletter-october-2016
Source: Regulatory Strategies