26 personal data breaches have been reported to the Office of the Data Protection Commissioner in the last two months.
The number of breaches has increased slightly, when compared with the previous reporting period of 32 breaches over three months up to 18 August. The increase is likely due to organisations being more aware of their legal obligation to report breaches to the ODPC.
Most breaches received were low-level with no further action required. However, the ODPC has a heavy caseload of ongoing investigations into breaches and complaints that do require further action.
There has also been a specific increase in hacking-related incidents and in particular, hackers gaining control of email accounts.
"The continued high levels of compliance by local organisations when reporting these incidents is to be welcomed. We recognise that it may not come naturally for organisations to inform regulators when things don’t go to plan and we understand that having confidence in my Office and the way in which such matters are handled is vital," Emma Martins, the Data Protection Commissioner, said.
"Taking a proactive approach in this area will help to enhance confidence in the organisations handling our personal data. It also provides my Office with extremely useful insight about the types and nature of breaches, which in turn enables us to target our education and compliance programme in a meaningful and effective way."
The breach reports received suggest that organisations are exposed to the greatest risk of breach when personal data leaves their direct control, either by post or email.
The Office of the Data Protection Commissioner is working to improve its online breach reporting mechanism and has asked for any comments to be submitted via enquiries@odpc.gg.
Pictured: Emma Martins.
Comments
Comments on this story express the views of the commentator only, not Bailiwick Publishing. We are unable to guarantee the accuracy of any of those comments.