Posted By: ITWiser Webmaster - Yorkshire's IT Specialists
Irish annual reports reveal boost in complaints and breach notifications
Figures recently released in the Data Protection Commissioner’s annual report for 2017 show that the Data Protection Commissioner’s office received 2,642 complaints. This is a significant uplift from last year: complaints increased by 79 per cent and data breach notifications rose by 26 per cent. These numbers are much greater than those of 2013, 2014 or 2015, when there were on average 930 complaints each year.
It was unsurprising that the General Data Protection Regulation (GDPR) topped the agenda in the report, with commissioner Helen Dixon writing, “I truly believe that May 2018 will be a seminal milestone in ensuring that the rapid technological change and importance of data in our daily lives is now backed by a transparent and flexible but robust regime for the protection of individuals.”
Of the complaints received in 2017, the majority were about access rights; another 312 were about unfair processing of data, and 21 were related to the right to be forgotten.
The Data Protection Commissioner’s office also received 215 complaints about electronic direct marketing, of which 146 were investigated. Of these, 80 were related to email marketing, 58 to SMS and just 8 to phone.
Meanwhile, 2,973 data security breaches were reported in 2017, an increase of 26 per cent from 2016. Of all reported cases, 6 per cent were in the telecommunications sector. An increase was also seen in the number of network security compromises, which rose from 23 to 49 and usually included ransomware and malware attacks.
The law on data protection is changing in May 2018, as the UK has chosen to adopt the EU legislation (EU) 2016/679 regarding GDPR. These changes introduce many things that businesses need to be aware of, the most important being that the ICO (Information Commissioner’s Office) is set to become the Supervisory Authority.
What this means is that the ICO is responsible for policing the scheme and ensuring businesses are compliant. They can spot check and fine you even if you haven’t had a breach, if your internet systems are not up to a certain level and personal data is deemed to be at risk.
Large fines and penalties are on the horizon, such as 2% of global turnover for internal systems not being compliant and 4% of global turnover for a data breach.
Questions to ask of your business:
Can you remove all data from your systems for an individual easily if they ask to be forgotten?
Have you considered what personal data you store in your backups?
How long do you keep client data on your systems?
ITWiser are a Cyber Essentials Certification Body and an IASME Assessor through IASME; we are one of only a few companies in the north to have gained this accreditation. If you need help checking your compliance, then get in touch today.