Imation shines light on scale of NHS data breaches

Private file

The number of data breaches involving NHS trusts has shot up by 935 per cent over the past five years, according to figures released by the Information Commissioner's Office (ICO).

The data, obtained by storage vendor Imation via a Freedom of Information request, revealed a marked rise in the number of self-reported breaches taking place in the public and private sector since 2007.

For example, over this time period, the number of breaches involving local government and other public sector organisations has increased by 1,609 per cent and 1,380 per cent, respectively.

Meanwhile, private sector data breaches have rocketed by 1,159 per cent between 2007 and 2012.

The figures also revealed that, during the second quarter of 2012, the NHS suffered the highest number of data breaches (61), closely followed by local government (59) and general business (26).

The NHS has repeatedly come under fire in recent years for data protection failures and, several months ago, a health trust received a record 325,000 data breach fine from the ICO.

Nick Banks, head of EMEA and APAC at Imation Mobile Security, said the findings suggest the threat of ICO fines is doing little to encourage people to take better care of their data.

"Undoubtedly there are some mitigating circumstances which have contributed to the rise in annual data breach numbers, such as the introduction of mandatory reporting in certain sectors, plus the increasing amounts of data being stored and accessed," said Banks.

"But none of these factors obscures the clear trend of constant increases."

In a statement to IT Pro, an ICO spokesperson said the figures suggest that more companies are self-reporting breaches than ever before, rather than losing data.

"Clearly, for many organisations, further work is still required to ensure security breaches do not occur in the first place," the spokesperson added.

Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.