Council data breaches and the GDPR that’s coming into force this month is a key topic for discussion. With councils and other public sector authorities often experiencing high levels of data breaches and data leaks, it’s imperative that enough attention is paid to the new regulations that could see organisations fined a heck of a lot more money for breaching data laws.
We take on and represent a lot of people for council data breaches, so we know how often they happen, and we know how bad they can be for the victims. Given the nature of the data that councils hold, any breach or leak can often be very serious for the victims who are entitled to claim for data protection breach compensation.
We hope that the new GDPR will allow for a greater focus on data protection to prevent needless breaches that can seriously harm the victims involved. A primary issue is that councils have to hold a wealth of very personal and very sensitive data about people for various reasons: council tax and social services needs are two common ones. This means that a council data breach could end up exposing information about victims that’s incredibly personal.
Victims of a council data breach are entitled to claim for data breach compensation. With the new GDPR in force in a matter of weeks, what councils need to do is ensure that adequate funds are allocated for data protection and ensure that proper systems procedures and protocols are in place to ensure data is safe and secure. It’s important to remember that, once data is exposed, it’s practically impossible in most cases to ever secure it again; i.e. once data is leaked on the internet, its out there and its probably not going away.
The alternative to upholding data protection laws is potentially huge fines that could run into the millions, and data protection compensation claims for the victims. The new GDPR means that punishments can be far more severe, and it means that more thorough consent must be obtained for data collection and sharing.
All in all, GDPR means a higher burden for councils to protect the sensitive data they hold. Unless they have properly shaped-up in time for the changes, fines and fees could be huge.