ICO Slams Companies’ Data Protection Awareness

Awareness of data protection principles amongst large organisations continues to be low, with private sector organisations lagging behind public bodies, while the protection of personal data is more important than ever for individuals, according to a survey published by the Information Commissioner’s Office (ICO) last week.

Just under half (48 percent) of private sector firms said, unprompted, that they should store personal information securely, compared with 60 percent of public sector organisations, the survey found.

Awareness low

The survey, carried out by SMSR, found that overall awareness of five of the eight data protection principles increased between 2009 and 2010, but awareness was still higher in the public sector than the private sector.

Only 14 percent of all organisations could identify all eight data protection principles unprompted, a decline of eight percent from 2007.

On the other hand, data protection remains a high social concern for the public, with 90 percent ranking the protection of personal information as an important issue. The only issue that scored higher was the prevention of crime, at 93 percent.

Nearly 90 percent of individuals surveyed were aware they had a right to see the information an organisation held about them, a 15 percent increase from 2004.

Eighty-four percent of individuals said they knew they could request information from authorities through the Freedom of Information Act, with 80 percent describing the Act as necessary. Ninety-three percent said the Data Protection Act was necessary.

Risk for organisations

The ICO said the low awareness of data protection principle sputs organisations at risk.

“Businesses need to show they are taking data protection seriously,” said Information Commissioner Christopher Graham (left), in a statement. “Failing to do so could not only lead to enforcement action, it could also do significant damage to their reputation. Ignoring data protection obligations is ignoring a key customer concern.”

In June the ICO said the NHS had been responsible for almost a third of all recorded data breaches in the United Kingdom for the last three years. The ICO found that the NHS was responsible for 305 of the 1,007 reported breaches. The private sector was a bit more responsible with data security, it seems, with 288 breaches recorded from individual companies. Meanwhile 132 breaches were recorded from local government bodies and 18 from central government.

In May an NHS worker in the secure mental health unit of a Scottish hospital was suspended, after he lost a USB stick containing patients’ medical records. According to local media reports, the USB stick contained unencrypted sensitive information – including the criminal histories of some violent patients at the Tryst Park unit at Bellsdyke psychiatric hospital. The stick was later found by a 12-year-old boy in the car park of an Asda supermarket in nearby Stenhousemuir.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

6 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

8 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

10 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

11 hours ago