Tag: government
Police domestic abuse data breaches
The police service holds some of the most sensitive information about the population, including the data of many perpetrators and victims of crimes. Police domestic abuse data is among the most private information there can be, due to the safety risks it could provoke if compromised. A data breach could potentially endanger victims and they could be located by their former abusers.
The police force, like any other data controller, is obliged to protect information in accordance with the GDPR, the primary data protection law in the UK. However, there have, unfortunately, been cases in which unacceptable breaches of privacy have occurred, affecting the information of victims of domestic abuse.
Most of us would expect the police to be fully aware of its responsibilities to maintain strong data security, but it seems data protection is still not a high enough priority or focus in some cases. Where mistakes are made, those responsible must be held accountable, and those affected should be fairly compensated for any harm caused. If you have fallen victim to a data breach at the hands of the police, you can contact us for free, no-obligation advice on your potential compensation claim.
Leading Data Lawyers concern over reported plans to sell Covid test samples
Leading Data and Privacy Law firm Your Lawyers have been concerned to learn of an investigation into plans to sell Covid test samples for medical research.
The news was broken in November 2021, and reportedly involves Cignpost Diagnostics, trading as ExpressTest, who are understood to have conducted almost three million tests. It has been suggested that there are plans by the company to analyse samples from swabs and sell data to third parties, according to inews.
The private company is an approved provider of testing, and it has been reported that the company is now being investigated by the UK’s data regulator, the Information Commissioner’s Office (ICO). There was understood to be a tick box as part of the purchasing process for the test that formed as part of a large privacy policy with links to a research programme. This is understood to have since been removed and appears to be the matter at the centre of the investigation.
Wealden Council data breach incident
There has been a Wealden Council data breach incident that is understood to have allowed a resident to access the private and personal information of other people.
Due to what appears to be an access error, some particularly personal and sensitive information has ended up exposed. The council has apologised for the incident but, for those affected, the damage may already have been done.
Your Lawyers, as leading Data Leak Lawyers, see these kinds of events all the time, and we are more than used to representing the victims for compensation cases.
Trafford Council data breach exposed residents’ information
In a data breach earlier this year involving Trafford Council, the personal information of residents had been publicly exposed. Personal details were reportedly taken as part of a resident survey, but the private information was understood to have not been redacted when the council sent a Freedom of Information request response to another resident.
Errors such as this seem to have become a common trait of council data breaches, with employees making needless mistakes that could be corrected with a few checks, and with greater attention to the appropriate procedures. Overall, the trend of human error data breaches at local authorities would suggest that there are inherent problems when it comes to data protection.
A lack of awareness in respect of data protection and cybersecurity is simply unacceptable in this day and age, in which the digitisation of personal information has the potential to make it a more accessible target for cybercriminals. While organisations bear the overall responsibility for compliance with data protection law, individual employees also have a role to play in eliminating data security risks.
Has a social worker leaked information and breached your confidentiality?
Usually run by local councils, social services hold large quantities of sensitive information about the people under their care. The private nature of the work they carry out means that they are required to keep to strict standards of confidentiality. If they fail to do so, perhaps if a social worker leaked information or failed to keep data secure, they may be in breach of data protection law.
Whether they are children in foster care, people with disabilities, or elderly residents of council care homes, there are thousands of people in the UK who have some form of care provided by their local authority. The integrity of social workers is generally taken for granted but there can, unfortunately, be individuals who let the good name of their profession down.
Their actions may have been accidental or intentional, but in either case, a social worker should be held accountable if they have compromised your right to privacy. By making a compensation claim, you can ensure that you achieve the justice you deserve.
Read More
Covid-19 patients’ data – the risks of exposure
The Covid-19 pandemic has been widely linked to increased cyber threats, some of which may have involved targetting Covid-19 patients’ data. As a global crisis, it is unsurprising that cybercriminals have been seeking to take advantage of the vulnerabilities that have emerged due to the coronavirus pandemic.
In fact, patients’ medical information has always been a prime target for cybercriminals, given the sensitivity of healthcare records generally. In our previous and ongoing data breach claims, some of the most harmful incidents have been those that have exposed private medical records, often resulting in victims suffering from severe psychological side-effects.
We are close to the year two mark of when the world changed, but the coronavirus pandemic is far from over, so the data security threat to the healthcare sector is still present. However, where healthcare organisations do not have appropriate defences in place, they could still be partially responsible when cyberattacks are successful. If you have been affected by a data breach as a result of the negligence of a healthcare organisation, you could be eligible to claim compensation now.
New Year Honours data breach: Cabinet Office fined £500,000
The Cabinet Office has been issued with a penalty in the sum of £500,000 for the 2020 New Year Honours data breach, an incident that we have resolved legal action for.
The fine has been issued by the UK’s data watchdog, the Information Commissioner’s Office (ICO), which is intended to act as a punishment for what has happened. Such penalties can also act as a deterrent against future events.
We are pleased to see that regulatory action has now concluded. The fine is a separate matter to private legal action that victims of the data leak can be entitled to pursue. We have already resolved legal action that we have taken, having been instructed to act in the wake of the event, and this fine further cements that victims could be entitled to pursue a claim for compensation.
Civil service data breaches and compensation action
The civil service spreads across a number of different departments, and handles a large amount of sensitive information. With the responsibility of processing, handling and storing such private data, we would expect the civil service to ensure that such data remains secure. Instead, there have been a number of civil service data breaches in recent years which indicates that these government departments may need to improve their data protection strategies.
In accordance with UK data protection law, all organisations in possession of information must protect it from exposure with appropriate procedures and cybersecurity measures. If they fail to do so, they could be deemed to have broken the law, and may face sanctions or penalties.
But also, if you have been affected by a data breach, you could be eligible to claim compensation for any harm caused. Even the civil service is not exempt from data protection law, so come to us for free, no-obligation advice if you think you may have a compensation claim to make.
High school data breaches
Educational institutions have been targeted by cyberattacks with increasing frequency in the past few months, so the risk to the private information that is held by schools appears to be pronounced. In this climate of hacks and ransomware, it is important that high schools are doing everything they possibly can to protect the sensitive information of students, staff and parents, or there could be an increasing number of high school data breaches.
All schools hold a wealth of information about their pupils, from home addresses to medical information. It is important that teachers can access these details when necessary for the purposes of safeguarding and student welfare, but this also means that schools have an obligation to manage and process this information securely.
If you or your child has been affected by a high school data breach, you may be eligible to make a data breach claim for any harm caused. Where schools are responsible for the exposure of private information, they must be held accountable. Claiming compensation can be a route to ensuring that justice is achieved.
Ransomware affecting schools – spikes in attacks
In September 2020, the National Cyber Security Centre issued an alert, warning of increasing ransomware affecting schools, as well as colleges and universities. Earlier in 2021, the alert was updated to warn of yet another spike. The numerous headlines, especially over the summer, suggested that schools have been hit particularly hard, with successful attacks that can harm many people emerging on a regular basis.
Ransomware remains one of the most prominent cybersecurity threats faced by businesses and organisations in today’s digital age. Via ransomware, attackers could gain the power to take control of entire systems or networks. They could bring operations to a standstill, and could potentially steal swathes of private information. Where schools are concerned, ransomware can be particularly dangerous, as these organisations often hold a great deal of sensitive information relating to vulnerable children and young people.
As the ransomware threat shows no sign of abetting, it is essential that schools take action to improve their prevention and response methods, or they could be liable for the exposure of extensive personal data. Where a school has failed to protect the private details of you or your child, you could be eligible to pursue a data breach compensation claim now.