What action we've taken in Q4 2018-19 and what you can do to stay secure

Data security incidents, which are breaches of the seventh data protection principle or personal data breaches reported under the Privacy and Electronic Communications Regulations, are a major concern for those affected and a key area of action for the ICO. We have published this information to help organisations understand what we’re seeing and help them to take appropriate action.

What you've reported to us

  • These figures are based on the number of reports of personal data breaches received by the ICO during Q4 2018-19. These figures are based on the number of reports submitted by the data controller, not necessarily the number of incidents.
  • Please note that the ICO's internal reporting system has changed since the previous report (Q2 2018-19), which may affect quarterly comparisons.


What you can do to stay secure

  1. Consider metadata when redacting information.
  2. Check all data has been redacted and is not reversible before releasing.
  3. Get someone to double check redactions.