Charities reported more than 500 personal data breach incidents to the Information Commissioner’s Office (ICO) last year, latest figures have revealed.
According to the ICO’s annual report for 2019/20 a total of 11,854 reports related to personal data breaches were received, of which 4.5% were generated by charities.
This equates to 535 incidents involving charities.
But the majority of all reports (95%) did not result in any further action by the regulator, although this is not broken down by sector.
The sector generating the most personal data breach reports is health (19.7%), with business and education the next largest sources of reports. Charities are only the eighth biggest source of reports. The only sectors reporting fewer breaches are central government, land or property services and policies and criminal records.
NEW: We’ve published our annual report for 2019/20. It’s been a year of transformation, innovation and change – take a look at some of our highlights below. https://t.co/ovLXqGaXmW pic.twitter.com/sg0G160UXS— ICO (@ICOnews) July 20, 2020
A report from the ICO two years ago identified a number of areas of concern among charities and their handling of data.
This included not undertaking routine data protection or direct marketing policy compliance checks and lack of training.
In March this year Sarah Cox, managing director of faith insurance specialist, Ansvar, detailed why charities need to make cyber security a priority.
This includes having in place insurance to cover the risk of data breaches.