Human error council data breaches

local council data breach

Although we may imagine many data breaches to occur as a result of external threats from hackers and cybercriminals, unfortunately, many arise within the affected organisations themselves. In fact, the mistakes of employees often account for failures in data protection, and human error council data breaches feature significantly among these accidental events.

The automation and regularity provided by computer systems and databases should allow little room for error in this day and age. Unfortunately, outdated operations and procedures that many companies still employ means that some mistakes slip through. The ignorance of what constitutes as good data protection practices can worsen the issues further.

If you have been a victim of negligence regarding data protection, you may be entitled to claim compensation for the damage that has been caused. Human error is not a viable excuse for data protection failures, so organisations must be held accountable for the broader data protection problems which these errors indicate.

The rise of human error council data breaches

Human error council data breaches have frequently hit the headlines of both local and national newspapers in recent years. In many cases, it has only taken a few clicks to jeopardise council data security.

Many breaches occur via emails, such as accidental attachments of private data, or the sender failing to use the blind carbon copy (Bcc) feature to anonymise recipients in a mass email. An incident like this occurred recently at Bristol City Council, as an employee failed to anonymise recipients, resulting in the exposure of the names of children with disabilities and special educational needs, as well as the email addresses of their primary care providers.

Sheffield City Council has explicitly cited human error as a primary cause of the 231 data breach incidents that they reportedly recorded over the course of 2018 and 2019.  Among the personal data breaches, many were reportedly caused by human error, including emails or post being sent to the wrong recipient. Some also involved printing errors which should have been picked up by council employees.

The implications of human error data breaches

With huge numbers of data breaches occurring as a result of human error, it is clear that we have a significant problem to remedy. Human error has become a byword for unintentional data leaks, but we must debunk the myth that these are simply accidents, as these so-called mistakes can show a greater disregard for data protection.

In fact, the ‘human error’ excuse can highlight that organisations may have failed to teach their employees about data protection procedures and the importance of following them. All employees must be aware of their individual duties, even if this as simple as a quality control measure, like checking over a letter or email.

In addition, organisations need to investigate how they can use technology and security systems more effectively to reduce the risk of errors. Technology has long been a tool for systematising human operations, so this is by no means a radical suggestion. There are many readily available mass emailing platforms out there to be used.

Claiming for a council data breach

If a council has breached the GDPR and you have been adversely affected, you may be able to claim compensation.

You do not have to just accept human error as a viable excuse. When you claim in a setting like this, you will not be persecuting an individual for their mistake, as the blame can fall squarely on the overall organisation.

The Data Breach Lawyers are here to support anyone who has suffered distress and/or financial losses as a result of a data breach, and we can offer No Win, No Fee representation to eligible clients.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a Callback from our team!

Fill out our quick call back form below and we’ll contact you when you’re ready to talk to us.
All fields marked * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.