Large enterprises are lacking in data protection awareness when compared to the public sector.
This is the conclusion of new research by the Information Commissioner's Office (ICO), which showed public sector organisations were much more proactive when it came to storing personal data securely.
In a survey, carried out by Social and Market Strategic Research (SMSR), less than half of private companies said without any prompting that storing this sort of data should be done securely, whilst 60 per cent of the public sector organisations cited it straightaway.
"It's shocking to hear that over half of private businesses still haven't got a grasp of the Data Protection Act," said Chris McIntosh, chief executive of Stonewood.
"This suggests that the it will never happen to me' approach is still in full force, despite estimates for the number of data loss victims in 2010 reaching over 100 million. Businesses need to reflect on the consequences of this failure to understand the DPA, as they hold copious amounts of valuable personal data."
The figures come out on the same day it was shown over 90 per cent of citizens thought protecting personal information was an important social issue, only being topped by the need to prevent crime at 93 per cent.
Information Commissioner, Christopher Graham, said: "A strong awareness of data protection obligations is of fundamental importance to any organisation."
"Businesses need to show they are taking data protection seriously. Failing to do so could not only lead to enforcement action, it could also do significant damage to their reputation."
However, despite the concerning figures within the private sector, the Data Protection Act was still viewed as important, with 93 per cent of all organisations saying it was necessary legislation.
The ICO has received a lot of negative press recently for not using the powers it was given in April to fine organisations who breach the Data Protection Act such as Google with its Street View operations.
But yesterday, Graham said the ICO would be using its power to impose fines before the end of the month.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuseNews The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
-
“You must do better”: Information Commissioner John Edwards calls on firms to beef up support for data breach victimsNews Companies need to treat victims with swift, practical action, according to the ICO
-
LinkedIn backtracks on AI training rules after user backlashNews UK-based LinkedIn users will now get the same protections as those elsewhere in Europe
-
UK's data protection watchdog deepens cooperation with National Crime AgencyNews The two bodies want to improve the support given to organizations experiencing cyber attacks and ransomware recovery
-
ICO slams Electoral Commission over security failuresNews The Electoral Commission has been reprimanded for poor security practices, including a failure to install security updates and weak password policies
-
Disgruntled ex-employees are using ‘weaponized’ data subject access requests to pester firmsNews Some disgruntled staff are using DSARs as a means to pressure former employers into a financial settlement
-
ICO reprimands Coventry school over repeated data protection failuresNews The ICO said the academy trust failed to follow previous guidance, which caused a serious data breach
-
ICO dishes out fine to HelloFresh for marketing spam campaignNews HelloFresh failed to offer proper opt-outs, the ICO said, and customers weren’t warned their data would be used for months after they cancelled
