Given that charities, in the main, have at their heart-protecting and improving the lives of the most vulnerable sectors of society, whether those sectors relate to people, animals or otherwise, morally you would hope that they would be a lesser risk for criminals seeking to take advantage by way of securing data.
Unfortunately, the converse is likely to be true. Charities, as a sector, are likely to be perceived by unscrupulous criminals as both cash-rich and the assumption is that the majority of mid to small size charities are not as well run as larger organisations and accordingly are likely to be an easy target for them.
Charities should therefore actively seek to improve their procedures to protect themselves from potential data breaches (in this regard, see our blog which sets out some useful advice for charities).
An increasing number of data breaches reported by charities
What is concerning is that the trend of figures involving reported data breaches appears to be increasing dramatically. The most recent figures of data breaches reported by charities can be reviewed here and the preceding years’ figures can be found here.
The most recent figures published by the Information Commissioner’s Office (ICO) relate to quarter two of the year 2020/2021. When compared to the same quarter last year, there is a clear and marked increase in the number of data breaches reported by charities, increasing from 108 to 172.
What is worrying is that there appears to have been a marked increase in reports relating to simple preventable breaches. By way of example, the number of data breaches arising from inputting the incorrect email address on an email increased from seven to 27. This is an easily minimised data breach risk by simply deactivating all employees’ autocomplete function on their emails so that they have to actively type in the email address of the individuals in question. This can have a marked and dramatic impact as the figures for both years demonstrate that the vast majority of data breaches are not a result of cybercrime but rather innocent and accidental breaches.
How Nelsons can help
Kevin Modiri is a Partner in our expert Dispute Resolution team.
At Nelsons, we offer a full range of non-contentious services in respect of data protection and further, we have a specialist team that deals with charities.
Should you have any queries relating to data breaches or charities in general, please feel free to contact Kevin or another member of our Charities team in Derby, Leicester or Nottingham on 0800 024 1976 or via our online enquiry form.