What action we've taken in Q4 2019-20 and what you can do to stay secure

Data security incidents, which are breaches of the seventh data protection principle or personal data breaches reported under the Privacy and Electronic Communications Regulations, are a major concern for those affected and a key area of action for the ICO. We have published this information to help organisations understand what we’re seeing and help them to take appropriate action.

Fines and enforcement notices

What you've reported to us

  • These figures are based on the number of reports of personal data breaches received by the ICO during Q4 2019-20. These figures are based on the number of reports submitted by the data controller, not necessarily the number of incidents.

What you can do to stay secure

  1. Consider metadata when redacting information.
  2. Check all data has been redacted and is not reversible before releasing.
  3. Get someone to double check redactions.