The Information Commissioner’s Office (ICO) this week is raising awareness about the “ripple effect” of data breaches on individuals’ lives. John Edwards, Information Commissioner, shares on the ICO blog examples of how data breaches can expose individuals’ sensitive information, leading to stigma, discrimination or physical danger, particularly for those who are vulnerable.
Examples of real scenarios where the effects of data breaches can be life-altering are shared by the ICO. Those are: where a victim of domestic abuse, recently escaped, has a new confidential address exposed due to a data breach; or where a person living with HIV has medical information accidentally disclosed due to a data breach.
The Information Commissioner explains that as far as data breaches are concerned, “the personal and emotional toll […] is too often overlooked”. He goes on to indicate that organisations should recognise that when an data breach occurs, “it is not just an admin error – it is a failure to protect someone.”
The ICO stresses the need to communicate with empathy where there has been a data breach, by adopting better organisational responses and increased support for affected individuals. The ICO warns that it expects more from organisations in relation to this – the ripple effect of data breaches must be better addressed going forward – and has published new guidance to support organisations in this effort.
For more on notifying individuals of data breaches, read our Data and Cyber School article: Guide to alerting the affected when managing data breach notifications | Gowling WLG.
For advice on the best approach in your context as to data breach notification to individuals, please contact Amber Strickland or Patrick Arben.
