Human error key cause of data protection breaches
MORE than 200 data breaches have been reported over the last year, according to latest Data Protection Authority information.
Human error has been the key cause of breaches.
In the latest bi-monthly report, 32 breaches were reported over the last two months up to the end of August.
Eighteen of the breaches were due to personal data being sent, via email or post, to the wrong person.
The remaining 14 were through criminal activity, hacking, personal data being accessed inappropriately, the disclosure of personal data when not authorised to do so, or personal data being lost.
Data protection commissioner Emma Martins said problems were often caused by human mistakes.
‘What is striking from this period’s statistics is that all the breaches reported to us were due to human action, whether deliberate or accidental,’ she said.
‘There was not a single incidence of system error.
‘We must all recognise that it is people’s awareness, attitudes, behaviour and choices that often pose the biggest risk to the protection of personal data, rather than our IT systems.
‘Because of this, my office is laser-focused on raising everyone’s appreciation and awareness of data protection, in the hope that we can create positive cultural change around how people think, and feel, about taking care of personal data.’
This was the sixth bi-monthly report, which means a year’s worth of data is now available.
Over the last year 221 personal data breaches have been recorded – an average of 37 breaches every two months.
Part of the authority’s awareness-raising is the decision to take part in this year’s Global Privacy Enforcement Network ‘privacy sweep’ for the first time.
This international intelligence-gathering exercise examines a different theme each year and in 2019, the focus is on how data breach notifications are handled.
‘We will be contacting a sample of local organisations directly, asking them to respond to a short survey from GPEN later this month,’ she said.
‘Honest responses to the survey are encouraged, as it is only through honesty that an accurate snapshot of the challenges organisations face can be taken, from which we can all learn lessons.
‘Building a culture of honest and constructive learning can help us all to work towards higher standards of compliance.’
