Sunday, June 6, 2010

A Look into the UK breach statistics

This data looks very much like the USA data published by HHS, outlined in "A Look into the HHS Posts Data Breach Notifications". The biggest issue in both cases is hardware theft.
According to statistics from the Information Commissioner's Office (ICO), the UK National Health Service has reported 305 data security breaches since November 2007.  During the same period, the private sector reported 288 breaches, local government reported 132 breaches, and central government reported 81 breaches.  The most frequent cause of NHS breaches was hardware theft, which accounted for 116 incidents, followed by hardware loss, which accounted for 87 incidents.  There were also 43 instances in which NHS information was disclosed improperly, 17 instances in which data were lost in transit, and 13 instances of improper technology disposal.  In all, more than 1,000 data breaches have been reported to the ICO.  In April the ICO was granted the authority to impose fines of up to GBP 500,000 (US $730,000) for serious data breaches.

1 comment:

  1. Great article highlighting the need for everyone to have a much higher computer/data security awareness. Check a (free) blog, "The Business-Technology Weave" (can Google to it) - it reflects what this article is saying. The majority of breaches are due to human error, therefore awareness and common sense are key, in supporting all necessary best practices. The blog author also has a book we use at work, "I.T. WARS" (you can Google that too). It has a great Security chapter, and others that treat security. Highly recommended. Great stuff.