UK: Data breaches reported to ICO drop 20 per cent due to Covid


the Information Commissioner’s Office (ICO) reported a 20 percent decrease in reports of personal data breaches from 11,854 in fiscal 2019/20 to 9,532 in the last fiscal year.

These figures were published in the ICO’s annual report and published by the Parliament Street Think tank. The report cited the pandemic as the main reason for this decline, also mentioning that the introduction of mandatory reporting of breaches in sectors processing large amounts of personal data also contributed to the downward trend in personal data breaches reported to the ICO.

The industry that reported the most data breach incidents was healthcare – which accounted for 16.8 percent of all data breaches reported to the ICO in FY 20/21. Education and childcare came second, reporting 1,160 incidents of personal data breaches last year, representing 13.6 percent of the total.

Retail and manufacturing followed with 10.9 percent; Financial insurance and lending ranked fourth at 10.5 percent and local governments fifth after reporting 8.8 percent of the total personal data breaches reported to the ICO.

In addition, 71.4 percent of all personal data breaches reported to the ICO did not result in any further action. However, more than a fifth (21.6 percent) was examined further – the specific results of these examined cases were not clarified.

However, the report showed that 3.9 percent of personal data breaches resulted in “informal” actions and only 0.1 percent of cases resulted in formal actions that included administrative sanctions or a lower fine.