The number of whistleblower reports made to the Information Commissioner’s Office (ICO) about potential data breaches and the misuse of customer information by organizations has risen by 34% in the last year.
That’s according to RPC, a London-headquartered professional services firm offering legal and consultancy advice to a range of sectors. Of the record-high 427 whistleblower reports made in the last year, RPC stated that further action was taken with 68, including 23 being taken into consideration for investigations.
According to RPC, greater awareness of online fraud and other forms of data theft has caused more people to report businesses for not taking proper precautions with the data they hold.
Richard Breavington, partner at RPC, explained: “Whistleblowing is now a major risk for businesses that fail to deal with a data breach properly, or who have failed to take reasonable steps to protect the data they hold on their customers.
“This makes it more important than ever for businesses who do fall victim to a data breach to respond quickly and to inform the ICO of the data breach if necessary, within the right deadline and ensure customers are informed when they are exposed to a major risk.”
Breavington added that whilst the ICO has indicated that it is exercising some forbearance during coronavirus with regards to investigations and potential disciplinary action relating to data misuse, organizations should not misinterpret that as a “free pass” to neglect sound data security management.
“With millions of employees continuing to work from home, businesses need to have clear practices in place. For example, recommending multi-factor authentication if employees are using their own devices for work and advising employees to update software regularly so it’s at a lower risk of being hacked into.”