Category: Government
Police domestic abuse data breaches
The police service holds some of the most sensitive information about the population, including the data of many perpetrators and victims of crimes. Police domestic abuse data is among the most private information there can be, due to the safety risks it could provoke if compromised. A data breach could potentially endanger victims and they could be located by their former abusers.
The police force, like any other data controller, is obliged to protect information in accordance with the GDPR, the primary data protection law in the UK. However, there have, unfortunately, been cases in which unacceptable breaches of privacy have occurred, affecting the information of victims of domestic abuse.
Most of us would expect the police to be fully aware of its responsibilities to maintain strong data security, but it seems data protection is still not a high enough priority or focus in some cases. Where mistakes are made, those responsible must be held accountable, and those affected should be fairly compensated for any harm caused. If you have fallen victim to a data breach at the hands of the police, you can contact us for free, no-obligation advice on your potential compensation claim.
Leading Data Lawyers concern over reported plans to sell Covid test samples
Leading Data and Privacy Law firm Your Lawyers have been concerned to learn of an investigation into plans to sell Covid test samples for medical research.
The news was broken in November 2021, and reportedly involves Cignpost Diagnostics, trading as ExpressTest, who are understood to have conducted almost three million tests. It has been suggested that there are plans by the company to analyse samples from swabs and sell data to third parties, according to inews.
The private company is an approved provider of testing, and it has been reported that the company is now being investigated by the UK’s data regulator, the Information Commissioner’s Office (ICO). There was understood to be a tick box as part of the purchasing process for the test that formed as part of a large privacy policy with links to a research programme. This is understood to have since been removed and appears to be the matter at the centre of the investigation.
Wealden Council data breach incident
There has been a Wealden Council data breach incident that is understood to have allowed a resident to access the private and personal information of other people.
Due to what appears to be an access error, some particularly personal and sensitive information has ended up exposed. The council has apologised for the incident but, for those affected, the damage may already have been done.
Your Lawyers, as leading Data Leak Lawyers, see these kinds of events all the time, and we are more than used to representing the victims for compensation cases.
Trafford Council data breach exposed residents’ information
In a data breach earlier this year involving Trafford Council, the personal information of residents had been publicly exposed. Personal details were reportedly taken as part of a resident survey, but the private information was understood to have not been redacted when the council sent a Freedom of Information request response to another resident.
Errors such as this seem to have become a common trait of council data breaches, with employees making needless mistakes that could be corrected with a few checks, and with greater attention to the appropriate procedures. Overall, the trend of human error data breaches at local authorities would suggest that there are inherent problems when it comes to data protection.
A lack of awareness in respect of data protection and cybersecurity is simply unacceptable in this day and age, in which the digitisation of personal information has the potential to make it a more accessible target for cybercriminals. While organisations bear the overall responsibility for compliance with data protection law, individual employees also have a role to play in eliminating data security risks.
Police data breaches in 2020 and 2021
Recent statistics revealed that there were over 2,300 police data breaches in 2020, according to figures on the number of incidents reported to the ICO. The high figure raises questions about how effectively the force is managing data protection risks and ensuring the cybersecurity of its systems, and whether similar statistics may emerge for the 2021 period which is shortly due to end.
These statistics are particularly concerning given the often extremely sensitive nature of the information held by the police, which can include personal details of crime witnesses and victims. Everyone who discloses personal information to the police should have the right to do so in the knowledge that it will be kept secure and only viewed for specific investigation or work-related purposes. However, there are many unfortunate cases in which people have been let down by the organisation that is supposed to protect them.
If you have been affected by a police data breach, you may be eligible for a compensation claim. Our expert lawyers can offer free, no-obligation advice on your case.
Has a social worker leaked information and breached your confidentiality?
Usually run by local councils, social services hold large quantities of sensitive information about the people under their care. The private nature of the work they carry out means that they are required to keep to strict standards of confidentiality. If they fail to do so, perhaps if a social worker leaked information or failed to keep data secure, they may be in breach of data protection law.
Whether they are children in foster care, people with disabilities, or elderly residents of council care homes, there are thousands of people in the UK who have some form of care provided by their local authority. The integrity of social workers is generally taken for granted but there can, unfortunately, be individuals who let the good name of their profession down.
Their actions may have been accidental or intentional, but in either case, a social worker should be held accountable if they have compromised your right to privacy. By making a compensation claim, you can ensure that you achieve the justice you deserve.
Read More
New Year Honours data breach: Cabinet Office fined £500,000
The Cabinet Office has been issued with a penalty in the sum of £500,000 for the 2020 New Year Honours data breach, an incident that we have resolved legal action for.
The fine has been issued by the UK’s data watchdog, the Information Commissioner’s Office (ICO), which is intended to act as a punishment for what has happened. Such penalties can also act as a deterrent against future events.
We are pleased to see that regulatory action has now concluded. The fine is a separate matter to private legal action that victims of the data leak can be entitled to pursue. We have already resolved legal action that we have taken, having been instructed to act in the wake of the event, and this fine further cements that victims could be entitled to pursue a claim for compensation.
Civil service data breaches and compensation action
The civil service spreads across a number of different departments, and handles a large amount of sensitive information. With the responsibility of processing, handling and storing such private data, we would expect the civil service to ensure that such data remains secure. Instead, there have been a number of civil service data breaches in recent years which indicates that these government departments may need to improve their data protection strategies.
In accordance with UK data protection law, all organisations in possession of information must protect it from exposure with appropriate procedures and cybersecurity measures. If they fail to do so, they could be deemed to have broken the law, and may face sanctions or penalties.
But also, if you have been affected by a data breach, you could be eligible to claim compensation for any harm caused. Even the civil service is not exempt from data protection law, so come to us for free, no-obligation advice if you think you may have a compensation claim to make.
Ransomware affecting schools – spikes in attacks
In September 2020, the National Cyber Security Centre issued an alert, warning of increasing ransomware affecting schools, as well as colleges and universities. Earlier in 2021, the alert was updated to warn of yet another spike. The numerous headlines, especially over the summer, suggested that schools have been hit particularly hard, with successful attacks that can harm many people emerging on a regular basis.
Ransomware remains one of the most prominent cybersecurity threats faced by businesses and organisations in today’s digital age. Via ransomware, attackers could gain the power to take control of entire systems or networks. They could bring operations to a standstill, and could potentially steal swathes of private information. Where schools are concerned, ransomware can be particularly dangerous, as these organisations often hold a great deal of sensitive information relating to vulnerable children and young people.
As the ransomware threat shows no sign of abetting, it is essential that schools take action to improve their prevention and response methods, or they could be liable for the exposure of extensive personal data. Where a school has failed to protect the private details of you or your child, you could be eligible to pursue a data breach compensation claim now.
Healthcare network breaches
Healthcare has long been regarded as particularly vulnerable to external cyber threats. The potential vulnerability of healthcare organisations can be twofold: not only can their databases offer a wealth of highly sensitive data for cybercriminals to misuse, they have also been seen as weak in terms of their cybersecurity defences. Healthcare network breaches could occur when attackers exploit vulnerabilities in systems, finding a route via which to access private medical information.
All healthcare organisations must, therefore, be on their guard when it comes to potential cybersecurity threats, but this is not always the case. When cybercriminals do break through, the data theft can have catastrophic consequences for the affected patients or employees, potentially causing them significant distress and even financial loss.
If you have been affected by a medical data breach, you will likely feel let down by your healthcare provider’s failure to prevent the attack. Where the organisation failed to do enough to protect your information, you could be entitled to claim compensation. Contact us for further information and to find out whether you could be eligible for a data breach claim.