From May 25, 2018, the new General Data Protection Regulation (GDPR) is enforceable, after a two-year transition period. Companies that do not comply or are found to be in breach of it, or whose systems are breached and public data is lost as a result, could be forced to pay fines up to 20 million Euro or four per cent of global turnover, plus compensation for damages suffered.
New research has revealed just how little trust British consumers have for public sector online services and use of their data.
Our personal data should be sacrosanct, but many do not trust government services to keep it safe (image: Grandeduc/123rf)
A survey of 500 UK adults, commissioned by Probrand.co.uk, and published in the Public & Private Sector Services Audit, revealed that 83 per cent of British adults are uneasy about sharing their information with the servers or websites of public sector organisations in particular.
The research revealed that one in three (34 per cent) began harbouring these concerns following the 2017 NHS ransomware attack, which saw thousands of appointments cancelled.
The research found that the British public has less faith in some public sector organisations than others, with the security of the National Health Service (NHS) systems raising the biggest concern for 87 per cent of people. Of those respondents who said they had worries about cyber security within the NHS, 34 per cent stated they were ‘very concerned’ about this.
Eighty-five per cent of the population said they were concerned about the security of data held by Her Majesty’s Revenue and Customs (HMRC), which can include everything from income tax records to child benefit information. Meanwhile, 81 per cent are worried about the data held about them by local government websites and servers.
The survey also revealed that 80 per cent of British adults said they are concerned about the security of data held about them by the Driver and Vehicle Licensing Agency (DVLA), while 78 per cent are anxious about the data held with the Police.
Matt Royle, marketing director at Probrand, said: “The research clearly indicates the ongoing reputational risk and damage of cyber threats like the NHS ransomware attack. It has impacted perceptions of the wider public sector and beyond.
“Private and public sector organisations must reassure customers about the security measures they have and ensure best practice policies and procedures are in place to train and direct employees, encrypt, store, back up and transport personal and business critical data securely. Equally, have a well-rehearsed response plan should a breach occur.
“Importantly, as the depth of personal data has increased along with the threats to acquire this valuable data, so the EU has applied measures to make organisations more accountable for data protection. Now is the time for organisations to bring their data protection up to speed and regain customer trust in the services they provide in doing so.”
CRJ will be looking at GDPR and its implications for organisational resilience in our next issue (13:4)