THERE WAS A 70% increase in the number of valid security breaches in 2018 when compared the those recorded in 2017.
This is according to figures compiled as part of the first annual report of the new Data Protection Commission (DPC).
Under new GDPR legislation, introduced by the EU last year which allows individuals to request the personal details companies hold on them, 582 complaints were made about access rights, which represents 30% of all GDPR complaints. A further 396 complaints, or 22% of total complaints, were “multinational complaints”.
Under the Data Protection Act 1988, 39% of complaints were about access rights, which equals 365 complaints. Unfair processing of data accounted for 19% of complaints (178).
There were 3,134 complaints about disclosure (unauthorised) 116 about hacking, and 196 about paper lost or stolen. 107 complaints were made about phishing scams.
As was the case in 2017, there was a rise in the number of cyber security compromises notified with the number of notifications increasing sharply from 49 cases in 2017 to 225 in 2018.
“Cases such as these include phishing, malware and ransomware attacks,” the report said.
The report said that many of the complaints that the DPC receives relating to unauthorised disclosure of personal data in an electronic context – eg, emails containing personal data sent to the wrong recipient – stem from use of the auto-fill functions in software.
The report said that 15 statutory inquiries were opened in relation to the compliance of certain technology companies with the GDPR.
Commenting on the impact the introduction of GDPR has had, Data Protection Commissioner Helen Dixon said:
“Although we are still in the stage of having to bust some myths and misunderstandings that have built up around the GDPR, we feel very optimistic about the improvements we will see in Ireland in personal-data-handling practices over the next few years.”
To embed this post, copy the code below on your site
have your say