Posted on February 28, 2018 by staff

Most adults concerned about public sector data security


Ahead of the introduction of new GDPR legislation which will fine businesses for poor data protection, new research has revealed just how little trust consumers have for public sector online services and use of their data.

A survey of 500 UK adults, commissioned by and published in the Public & Private Sector Services Audit, revealed that 83 per cent of British adults are uneasy about sharing their information with the servers or websites of public sector organisations in particular.

The research found that one in three (34 per cent) began harbouring these concerns following the 2017 NHS ransomware attack in 2017 which saw thousands of appointments cancelled.

It also revealed that the British public has less faith in some public sector organisations than others, with the security of the NHS systems raising the biggest concern for 87 per cent of people.

Of those respondents who said they had worries about cyber security within the NHS, 34 per cent stated they were ‘very concerned’ about this.

85 per cent of the population said they were concerned about the security of data held by Her Majesty’s Revenue and Customs (HMRC) which can include everything from income tax records to child benefit information.

Meanwhile, 81 per cent are worried about the data held about them by local government websites and servers.

Data revealed that 80 per cent of British adults said they are concerned about the security of data held about them by the Driver and Vehicle Licensing Agency (DVLA), while 78 per cent are anxious about the data held with the Police force.

“The research clearly indicates the ongoing reputational risk and damage of cyber threats like the NHS ransomware attack,” said Probrand marketing director Matt Royle.

“It has impacted perceptions of the wider public sector and beyond.

“Private and public sector organisations must reassure customers about the security measures they have and ensure best practice policies and procedures are in place to train and direct employees, encrypt, store, backup and transport personal and business critical data securely.

“Equally, have a well-rehearsed response plan should a breach occur.

“Importantly, as the depth of personal data has increased along with the threats to acquire this valuable data, so the EU has applied measures to make organisations more accountable for data protection.

“Now is the time for organisations to bring their data protection up to speed and regain customer trust in the services they provide in doing so.”

From 25th May 2018, the new General Data Protection Regulation (GDPR) will supersede the UK Data Protection Act 1998.

Companies who do not comply or are found to be in breach of it, or whose systems are breached and public data is lost as a result, could be forced to pay fines up to 20m Euro or four per cent global turnover, plus pay compensation for damages suffered.