Imation shines light on scale of NHS data breaches

Private file

The number of data breaches involving NHS trusts has shot up by 935 per cent over the past five years, according to figures released by the Information Commissioner's Office (ICO).

The data, obtained by storage vendor Imation via a Freedom of Information request, revealed a marked rise in the number of self-reported breaches taking place in the public and private sector since 2007.

For example, over this time period, the number of breaches involving local government and other public sector organisations has increased by 1,609 per cent and 1,380 per cent, respectively.

Meanwhile, private sector data breaches have rocketed by 1,159 per cent between 2007 and 2012.

The figures also revealed that, during the second quarter of 2012, the NHS suffered the highest number of data breaches (61), closely followed by local government (59) and general business (26).

The NHS has repeatedly come under fire in recent years for data protection failures and, several months ago, a health trust received a record 325,000 data breach fine from the ICO.

Nick Banks, head of EMEA and APAC at Imation Mobile Security, said the findings suggest the threat of ICO fines is doing little to encourage people to take better care of their data.

"Undoubtedly there are some mitigating circumstances which have contributed to the rise in annual data breach numbers, such as the introduction of mandatory reporting in certain sectors, plus the increasing amounts of data being stored and accessed," said Banks.

"But none of these factors obscures the clear trend of constant increases."

In a statement to IT Pro, an ICO spokesperson said the figures suggest that more companies are self-reporting breaches than ever before, rather than losing data.

"Clearly, for many organisations, further work is still required to ensure security breaches do not occur in the first place," the spokesperson added.