Headlines: October 29th, 2008

Chief executives of local councils, NHS bodies and private business will today be reminded of their responsibilities to protect personal information held by their organisations. In a speech the Information Commissioner will challenge them to cut the amount of information they hold as new figures show a sharp increase in breaches of data protection, particularly in the public sector.

Figures released today by the ICO show the number of breaches has reached 277 since Her Majesty’s Revenue and Customs lost 25 million child benefit records nearly a year ago. They include 80 reported breaches by the private sector, 75 within health services, 28 reported by central government, 26 by councils and 47 by the rest of the public sector. Thirty of the most serious cases are being investigated by the Commissioner.

In a speech today the Information Commissioner, Richard Thomas, will spell out the risks of large databases and the need for tougher sanctions to prevent breaches. He will stress that accountability rests at the top of an organisation and that Chief Executives must ensure the policies and procedures are in place. He will say that privacy must be designed into the technology their organisations use and that staff are trained to counter the risks. Mr. Thomas will argue that information can be a toxic liability and challenge senior officials to minimise the amount of data they hold.

The Commissioner will tell his audience that the number of breaches is serious and worrying and point out that data loss and abuse has already led to fake credit card transactions, witnesses being put at risk of harm or intimidation, offenders being at risk from vigilantes, fake applications for tax credits, falsified Land Registry records and mortgage fraud. “Addresses of service personnel, police and prison officers and battered women have also been exposed. Sometimes lives may be at risk,” he will say.

Mr. Thomas believes personal information is the lifeblood of government and business and that the proper use of it can lead to better customer service, improved efficiency, more effective law enforcement and protection of the vulnerable but as Government, public, private and third sectors collect vast amounts of personal information the risks of abuse are increasing.