TheUK's information commissioner, Richard
Thomas, is warning chief executives of the
vital importance of protecting staff and customers' personal
information, following an "alarming number of security breaches"
reported to his office in the past six months.
Since the
security breach at HM Revenue & Customs in November last
year, the Information Commissioner's Office (ICO) has been notified
of almost 100 data breaches by public, private and third sector
organisations.
Of the security breaches that the ICO has been made aware of by
private sector organisations, 50% were reported by financial
institutions.
Of those reported by public bodies, almost a third occurred in
central government and associated agencies, and a fifth in NHS
organisations.
Thomas said, "It is particularly disappointing that the HMRC
breaches have not prevented other unacceptable security breaches
from occurring.
"The government, banks and other organisations need to regain
the public's trust by being far more careful with people's personal
information. Once again, I urge business and public sector leaders
to make data protection a priority in their organisation."
Information that has recently gone missing includes unencrypted
laptops and computer discs, memory sticks and paper records.
Information has been stolen, gone missing in the post and while in
transit with a courier. The material includes a wide range of
personal details, including financial and health records.
The ICO is investigating the circumstances of the breaches. In
16 cases, the ICO has required the organisation to make procedural
changes to improve data security, such as encryption. In only three
instances has the lost information been recovered.