Charity Audit Survey 2024

Take part in the Charity Audit Survey by the 17th of October and you’ll receive a copy of the published survey report. Additionally, we’ll enter your name into a prize draw to win a seasonal hamper. Share your valuable opinions here:

https://www.surveymonkey.com/r/TQDBDHL

 

 

Charities responsible for 110 data security incidents in 2017

27 Feb 2018 News

Information Commissioner’s Office

Charities were responsible for 110 data security breaches last year, less than 4 per cent of the total number of incidents, according to data published by the Information Commissioner's Office. 

The ICO publishes updates its incidents report quarterly, and the most recent data security incident trends report was published earlier this month. It revealed that the charity sector was responsible for 35 data security incidents between October and December 2017.

Over the course of the year the charity sector reported 110 incidents out of a total of 2,877, so charities accounted for just 3.8 per cent of the total number of incidents in 2017. 

Overall for the final quarter of 2017 across all industries and sectors, the ICO noted a 19 per cent increase in reported incidents compared with the previous quarter, and a 41 per cent increase on the same period (October to December) in 2016.

The ICO said this was “possibly due to increased awareness of the GDPR” and the launch of its new Personal Data Breach helpline.

‘Loss/theft of paperwork’ main reason for charity incidents

The most prevalent data security incident for charities was the “loss/theft of paperwork”, with nine charities reporting an incident of this nature to the ICO between October and December last year.

The report showed that the second most prevalent data security issue for charities were “other principle 7 failure(s)”. Principle 7 is the overarching part of the Data Protection Act which refers to information security. 

It also identified four separate incidents of charity staff sending “data by email to incorrect recipients,” four failures to “use bcc when sending email” and four general “cyber incidents”.

The health sector was responsible for the most overall security incidents, with 288 breaches reported between October and December 2017. The next largest amount was by the general business sector with 98 and education with 95.

Reported incidents rose by 178 per cent in central government between Q2 and Q3. Incidents involved a failure to redact data increased by 110 per cent. 

For more news, interviews, opinion and analysis about charities and the voluntary sector sign up to receive the Civil Society News daily bulletin here

 

 

More on