More than 300 data breach whistleblower reports received by regulatory body
The regulatory body dealing with data breaches has received more than 300 whistleblower reports in the last year, a leading law firm has claimed.
The Information Commissioner’s Office (ICO) was told of 309 instances of breaches from employees, over alleged failure to protect information.
RPC, the law firm which aired concerns, says some of the reports were from areas where sensitive information can be found, including healthcare, education and childcare, which totalled more than 60.
Other areas include business, at just under 50, finance and insurance, at nearly 20, and local government, at 18.
Following recent law changes to General Data Protection Regulation (GDPR), firms can be fined up to four per cent of their turnover for breaching rules.
So far, the ICO’s largest fine was to British Airways following a breach which affected millions of its customers, costing it a cool £20m.
Richard Breavington, a partner at RPC, said “some employees feel so strongly about how data is being treated in the workplace that they are anonymously reporting to the ICO.”
He added they “will also know that the ICO has the powers to levy a potentially significant fine on that employer”, who also “look to ensure sensitive data held by them is secure and handled with appropriate care.”