GLD Vacancies

Healthcare sector accounts for 25% of all data loss incidents: KPMG

The proportion of reported data loss incidents that involve the healthcare sector doubled in the first six months of 2010, according to research by professional services firm KPMG.

The sector accounted for 25% of all incidents, KPMG’s 2010 Data Loss Barometer found. The Information Commissioner’s Office has already warned that the NHS has seen the highest number of serious breaches since 2007.

Healthcare was closely followed by government – both central and local – which was involved in a fifth of all incidents.

KPMG’s research also showed that one in five reported data loss incidents in the first half of 2010 came from malicious attacks inside the affected organisation. The percentage of incidents from malicious attacks has been growing rapidly – such incidents accounted for only 4% of the total in 2007. Hacking nevertheless remains the biggest threat, the Data Loss Barometer suggested.

On a positive note, there was a decrease in the number of publicly disclosed incidents for the second year in a row.

On malicious attacks, Malcolm Marshall, head of the information security practice at KPMG in the UK, suggested that the recession may have played its part in driving up the increase, as data becomes an increasingly valuable commodity.

“But the alternative is that as organisations get wiser to the tactics of hackers, then criminals may be tempting staff to pass on valuable information – hence the massive growth in the insider threat,” he warned.

Publication of the research results comes just days after the ICO fined Hertfordshire County Council £100,000 for accidental data breaches in its childcare litigation unit.

Employment services company A4e was also handed a £60,000 penalty for failing to use encryption on a laptop containing information on customers of two law centres. The laptop was then stolen from an employee’s home.

KPMG’s Marshall said: "The fear of tougher sanctions, regulatory developments and negative publicity appears to have increased the awareness of the need to protect vital information. But as 'cyber wars' begin to take hold as a threat, and criminals constantly seek new ways of infiltrating systems, businesses and individuals alike need to ensure the security of their data is given utmost priority.”