Lessons to be learned from a data breach

WE ARE HIRING!

Discover career opportunities with DPC

Lessons to be learned from a data breach

The Information Commissioners Office (ICO) recently reported on a reprimand they issued to a housing association after personal information became accessible in an online customer portal.

Clyde Valley Housing Association in Lanarkshire launched a new portal in 2022. On the first day of its release a resident discovered they could access personal information about other residents. As a result, they called a customer service adviser to report the breach.

Unfortunately, the concerns were not escalated and so the personal information remained accessible for a further five days.

The housing association sent a mass email to promote the new portal. Following this, four more residents also made a report, and the new system was subsequently suspended.

It appears that there was a lack of testing before making the portal live, and concerningly staff were not sure what to do about escalating the breach once it was reported.

A case like this leaves lessons for all businesses to reflect on. While new digital systems can allow for large productivity gains, data security has to be a top priority. The reputational damage from a data breach can be significant.

Data protection training is vital for staff so that they know what to do. Reviewing training needs is a must. For instance, an occasional tabletop exercise might help you to see where training needs lie.

See: https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2024/04/housing-association-reprimanded-for-exposing-personal-information-on-online-portal/

Facebook
LinkedIn
Email
Print
Lessons to be learned from a data breach

THIS ARTICLE

Lessons to be learned from a data breach

PREVIOUS AND NEXT ARTICLES

Articles

powered by Advanced iFrame. Get the Pro version on CodeCanyon.

powered by Advanced iFrame. Get the Pro version on CodeCanyon.

SEARCH

Hmrc Enquiries Support & Protection

TAX PLANNING

SPECIALISMS