Skip to main content

NHS Tops List of UK Data Breaches

The NHS has come number one in a list of UK organisations responsible for leaking user data, with 305 reported incidents of data loss. This figure was followed by a private organisation with 288 incidents.

HM Revenue and Customs was responsible for the single largest data breach, exposing the personal information of nearly 50,000 taxpayers.

Publishing the list (opens in new tab), the UK Information Commissioner's Office (ICO) provided details of nearly 1,000 incidents reported since the office was established in 1998.

The ICO's deputy commissioner, David Smith, said most breaches had taken place due to human or technical errors, and called on organisations to exercise greater control over personal information to minimise data breaches.

Smith gave organisations a stern reminder to maintain vigilance over the storage of personal data so that future errors can be avoided. He also urged organisations to implement a clear procedure for disclosing any relevant information, and to train their staff effectively.

The regulator is yet to impose its maximum fine of £500,000 on any organisation guilty of massive data breach due to negligence.

The data was published in the ICO Security Breaches Report. Advice for organisations to avoid future breaches can be found in the ICO Data Protection Guide.