Whistleblower data breach reports triple after GDPR
Published On: July 15, 2019 |
The number of whistleblowers reporting concerns over potential data breaches to the Information Commissioner’s Office (ICO) has almost tripled since the introduction of GDPR rules last year, new research has found.
Data obtained by law firm RPC revealed reports to the regulator concerning data protection issues rose to 379 in the year to May 2019, up from 138 in the previous 12 months.
This may reflect the fact that individuals have become much more aware of the responsibilities placed on companies under the GDPR regime, as well as the risks posed by data breaches.
Partner at RPC Richard Bevington commented that the increase in reports will be a “real concern” to businesses, especially given the large fines that have recently been meted out by the ICO for breaches.
Last week, the regulator issued British Airways and Marriott International with fines totalling over £262 million for breaches that had compromised the personal and financial details of millions of customers.
Mr Bevington said these penalties mean data security is no longer an issue that can be left to the IT department, but must be addressed at the C-Suite level as a major business risk.
“There were a lot of eyes on the ICO, waiting to see how it would use its new powers. Few foresaw it hitting a business with such a high fine at this stage,” he continued, noting that the size of the fines have shown that the ICO is a regulator to be respected.
It was also noted that the introduction of GDP has led to a “cultural shift” in how people perceive personal data and its value.
The new rules mean that more people now see their information as being as much a part of their personal property as physical assets, and they are more likely to act if they believe it is being misused.
Share This Post, Choose Your Platform!
With over 20 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.