More than 50 data breaches recoded by Gateshead Council in opening months of 2024

More than 50 data breaches recoded by Gateshead Council in opening months of 2024More than 50 data breaches recoded by Gateshead Council in opening months of 2024
More than 50 data breaches recoded by Gateshead Council in opening months of 2024 | LDRS
The data breaches have been blamed in local authority documents mostly on “human error”.

Gateshead Council has recorded over 50 data breaches so far this year, according to published documents.

The data breaches have been blamed in local authority documents mostly on “human error” including using incorrect email addresses, attaching the wrong documents, and sending letters to the wrong addresses. Council officers must complete a data breach form, in detail, as quickly as possible, once a breach is discovered.

Hide Ad
Hide Ad

This allows the local authority to possibly refer a breach to the Information Commissioner’s Office (ICO) where required. If serious enough, a council only has 72 hours to report a major data breach to the ICO.

The ICO is an independent supervisory authority for data protection in the UK. Its mission statement, according to its website, states: “Our vision for data protection is to increase the confidence that the public have in organisations that process personal data.”

Gateshead Council referred two breaches to the ICO in 2023. One involved some test data being mistakenly made live on “certain council-operated websites”, and the other involved social work and or occupational health data being posted to an out-of-date address. No further action was brought from the ICO.

Hide Ad
Hide Ad

According to published documents, the number of breaches from 2020 are:

2020: 30

2021: 64

2022: 98

2023: 157

2024 (so far): 55

The report to the council’s corporate resources overview and scrutiny committee stated: “Whilst it may appear that the increasing numbers are a concern, a cautious approach is taken to reporting matters to ensure the Council is being transparent with regards to data breaches. Where the Council has reported a data breach to the ICO, no action has been taken by the Regulator.”

The documents also state that training and guidance are given where necessary in relation to data breaches. In addition, Gateshead Council is trailing methods to reduce the number of breaches relating to emails.

Related topics:

Comment Guidelines

National World encourages reader discussion on our stories. User feedback, insights and back-and-forth exchanges add a rich layer of context to reporting. Please review our Community Guidelines before commenting.