Imation shines light on scale of NHS data breaches
Figures obtained from the Information Commissioner's Office reveal marked rise in NHS data protection failures since 2007.

The number of data breaches involving NHS trusts has shot up by 935 per cent over the past five years, according to figures released by the Information Commissioner's Office (ICO).
The data, obtained by storage vendor Imation via a Freedom of Information request, revealed a marked rise in the number of self-reported breaches taking place in the public and private sector since 2007.
For example, over this time period, the number of breaches involving local government and other public sector organisations has increased by 1,609 per cent and 1,380 per cent, respectively.
Meanwhile, private sector data breaches have rocketed by 1,159 per cent between 2007 and 2012.
The figures also revealed that, during the second quarter of 2012, the NHS suffered the highest number of data breaches (61), closely followed by local government (59) and general business (26).
The NHS has repeatedly come under fire in recent years for data protection failures and, several months ago, a health trust received a record 325,000 data breach fine from the ICO.
Nick Banks, head of EMEA and APAC at Imation Mobile Security, said the findings suggest the threat of ICO fines is doing little to encourage people to take better care of their data.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
"Undoubtedly there are some mitigating circumstances which have contributed to the rise in annual data breach numbers, such as the introduction of mandatory reporting in certain sectors, plus the increasing amounts of data being stored and accessed," said Banks.
"But none of these factors obscures the clear trend of constant increases."
In a statement to IT Pro, an ICO spokesperson said the figures suggest that more companies are self-reporting breaches than ever before, rather than losing data.
"Clearly, for many organisations, further work is still required to ensure security breaches do not occur in the first place," the spokesperson added.
-
What to look out for at RSAC Conference 2025
Analysis Convincing attendees that AI can revolutionize security will be the first point of order at next week’s RSA Conference – but traditional threats will be a constant undercurrent
By Rory Bathgate
-
Ransomware attacks are rising — but quiet payouts could mean there's more than actually reported
News Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.
By Nicole Kobie
-
Elizabeth Denham appointed ICO boss
News Denham will be tasked with helping the UK leave the EU without any knock-on effects on privacy
By Clare Hopping
-
Information Commissioner signs off with overview of year
News Christopher Graham has issued a report outlining past achievements and recommendations for the future
By Clare Hopping
-
ICO blasts sluggish speed of EU data law reforms
News Information Commissioner calls for sensible laws when it comes to personal data
By Joe Curtis
-
Digital marketing firm hit with £50k nuisance calls fine from ICO
News Reactiv Media apologises for making marketing calls to TPS members, and claims they were made in error
By Caroline Donnelly
-
UK TPS users still receive nuisance calls, research shows
News Ofcom nuisance calls research shows TPS sign-ups leads to users receiving a third fewer calls
By Caroline Donnelly
-
Cabinet Office rapped for slow FOI request response times
News Government department blames uptick in requests caused by Jimmy Saville and Margaret Thatcher for delays
By Caroline Donnelly
-
Home Office under scrutiny over FOI response times
News Sussex Police and Tyneside Council also subject to monitoring by ICO
By Jane McCallion
-
UPDATED: Government departments rapped for slow response to FOI requests
News The Information Commissioner's Office places four public authorities under surveillance for three months next year.
By Caroline Donnelly