Charity data breaches double over past two years
According to the Information Commissioners' Office (ICO), the number of reported data breaches from charities has doubled. In 2017/18 there were 148 data security incidents referred to ICO by charitable and voluntary organisations. That's a 100% increase over two years.
The rise in charity data breaches reflects a growing trend across all sectors. In fact, over the past two years, general business has seen a 215% increase. At the same time, education and childcare organisations have experienced a 142% rise. On average, the number of reports across all sectors has grown by 75%.
The figures were obtained by risk management firm Kroll via a Freedom of Information Act request.
The General Data Protection Regulation (GDPR) requires organisations to report data breaches. So this is likely to be a key factor in the increase of reports. And we will continue to see a dramatic increase in data breach accounts now that self-reporting is mandatory.
A Kroll spokesperson said: "Reporting data breaches wasn't mandatory for most organisations before the GDPR came into force, so while the data is revealing, it only gives a snapshot into the true picture of breaches suffered by organisations in the UK".
Charity data breaches in the spotlight
Earlier this month it was revealed that a review of eight charities by the ICO uncovered many concerns around data monitoring, reporting and training. As the charities involved voluntarily took part in the ICO risk review, they have not been named.
In addition, earlier this year the British and Foreign Bible Society was fined £100,000 for failing to protect the personal data of 417,000 of its supporters. An investigation by the ICO revealed that the Society exposed these supporters to possible financial or identity fraud.
With data breaches often causing significant distress for those affected, victims of the British and Foreign Bible Society data breach may now want to claim compensation. Find out more about this case.
Making a charity data breach claim
Many people donate to charities and causes they care about. But, while you might support their aims, it is vital that they meet their obligations when it comes to protecting your sensitive data.
Where they fail to do this, holding them to account is often the only way to ensure standards are improved. Often charities and organisations are insured against data breaches, so you don't have to worry about the impact of the good work you support.
What's more, it doesn't matter if criminals haven't used your data. If the data breach has caused you stress or anxiety, then the law agrees that you are entitled to compensation.