DVLA Submits Nearly 200 Breach Notifications to ICO


According to new FOI (Freedom of Information) data, the DVLA reported almost 200 violations to the data protection authority in the past year.

FOI requests were sent to 17 government departments by secure storage provider Apricorn to assess the effectiveness of data security measures in the public sector. Around 14 departments provided answers for the period April 2019 to July 2020.

The DVLA announced that it reported 181 violations to the Information Commissioner’s Office (ICO) in the 2019-20 period. In contrast, the Home Office filed just 25 during the reporting period, while NHS Digital only notified the ICO four times.

“The large number of data incidents reported may be due in part to increased awareness and changes in the processes involved in identifying and managing data breaches. The change in requirements in line with GDPR will of course lead to an increase in the numbers that are now reported to the ICO, ”argued Jon Fielding, EMEA managing director of Apricorn.

“Of course, if the data were first and foremost secure, the number of violations and the need to report them would decrease. Public bodies should follow the same process as any company when it comes to risk reduction. At the very least, data should be encrypted during transport and at rest so that the data is not accessible in the event that the defense is compromised. “

He added that the rise in remote working due to the pandemic may also raise data security concerns if information is not properly protected as it leaks to home endpoints and cloud servers.