DCMS cuts data breaches in half in FY20
Digital department sees sharp decline in incidents
The Department for Digital, Culture, Media and Sport halved the number of data breaches it recorded during 2019/20 compared with the prior year.
Data provided to PublicTechnology under the freedom of information act shows that, in the 12 months to 31 March 2020, the department recorded 13 personal data breaches. One of these was deemed serious enough to be reported to the Information Commissioner’s Office.
This compares with 24 incidents that were recorded during the 2018/19 year – two of which were reported to the data-protection regulator.
Even more personal data breaches – a total of 31 – were recorded by DCMS over the course of 2017/18. One of these was reported to the ICO.
“No enforcement action has ever been taken against DCMS” by the watchdog, the department said.
- PM moves government data function from GDS to DCMS
- Report reveals massive spike in Home Office data breach reporting following GDPR
- NHS and government have highest levels of public trust on use of personal data, ICO finds
The decline in recorded data breaches over the last two years comes in contrast to many organisations, which have seen a marked rise in light of the May 2018 introduction of the EU General Data Protection Regulation.
The total number of breaches reported to the ICO from across all industries quadrupled after GDPR became law.
In 2017/18, which ended two months before the new legislation came into effect, UK organisations flagged a cumulative tally of 3,331 breaches to the regulator. During the following year, which included 10 months of GDPR, 13,840 incidents were reported.
Research last year from PublicTechnology showed that central government had also seen a large rise in the number of breaches. Across nine departments, a total of 3,522 incidents were recorded in 2017/18. This figure more than doubled the following year, to 7,490 – although the vast majority of these did not require reporting to the ICO.
The number of breaches suffered by DCMS is low compared with other departments which, in some cases, record hundreds or even thousands of incidents each year.
In 2018/19, the Ministry of Justice filed 4,777 breaches, ahead of the Home Office on 1,930, and the Ministry of Defence on 470.
Further research conducted this summer showed that about 500 incidents across Whitehall each year require the ICO to be notified.
Central government entities collectively reported 495 breaches to the regulator during the 2019/20 year. This represented a slight increase of 1.9% on the number that were reported in the prior year.
Following investigation, the ICO has required some form action on the part of the data controller in 10 cases. A further 35 are still under investigation, two are yet to be assigned to a caseworker, and 448 processes have concluded with no action required.
Dstl opens north-east base
Coronavirus has shown the power of data and, according to Sue Daley of techUK, it is crucial that the UK implements the right laws to govern its use and protection
Assessment of emergency law also reveals successful use of tech in justice system and for registering deaths
HMRC vetting procedure identifies possible concerns
Higher Education institutions are some of the most consistently targeted organisations for cyberattacks. CrowdStrike explores the importance of the right cybersecurity measures.
There are many reasons to keep your Oracle workloads running on local servers. But there are even more reasons to move them to the cloud as part of a wider digital transition strategy. Six Degrees...
Engage Process explains how to ensure that process remains at the heart of your management programs - and how to keep undue pressure from those processes
With the backdrop of the COVID-19 pandemic, every disaster now entails responding to at least two emergencies. Dataminr explains how organisations can best prepare.