The number of data breaches from Gateshead Council has increased since 2020, local authority documents reveal.
One incident involved a “generic email” which was sent to 118 people with the CC function rather than the BCC function, subsequently leaking the recepients’ email addresses. Other cases included “missing paper forms containing financial information” and the failure to redact an address in council documents where individuals had asked for it to be removed.
The number of data breaches since 2020 are recorded as:
2020 – 30
2021 – 64
2022 – 98
Councillors have now been informed there have been 39 recorded breaches in this year alone. However, council lawyer, Angela Simmons-Mather, told elected members the reason for the increase lies with improved methods to record and respond to data breaches.
In addition, none of the breaches have resulted in action from the Information Commissioner’s Office (ICO). The ICO is an independent organisation which regulates data protection throughout the UK.
Ms Simmons-Mather continued: “The most common cause remains human error, being busy, putting the wrong email address in, wrong attachments, incorrect documents in envelopes. The advice we give in every breach is that people need to be more vigilant and take a step back when handling personal information.
“Where there has been a more serious breach we can provide tailored training, all staff are required to undertake annual training on the council’s learning hub. This is to make sure everyone across the council is familiar with their obligations with regards to data protection.”
Ms Simmons-Mather also stressed the council’s need to be transparent about data breaches.
Chairman of the cooperate resources overview and scrutiny committee, cllr John Eagle, maintained he was confident in the systems in place at Gateshead Council to keep on top of future breaches.
Cllr Eagle said: “I am confident we are open and honest with data breaches and we take them very very seriously. I think the figures show how many issues there have been and there is no problem”.
Mr Eagle also stated getting emails wrong was an “easy mistake to make”.