Expert Comments

Experts Reaction On UK Home Office Breached GDPR 100 Times Through Botched Management Of EU Settlement Scheme

Expert(s): Security Experts
Expert(s): Security Experts

It has been reported that the UK Home Office has breached European data protection regulations at least 100 times in its handling of the EU Settlement Scheme (EUSS). IDs have been lost, documents misplaced, passports have gone missing, and applicant information has been disclosed to third parties without permission in some of the cases, according to a new report.

Experts Comments

March 03, 2020
Darren Wray
CTO & Co-founder
Guardum
Whenever you are dealing with personal information, it is vital to follow the Educate and Automate mantra. Education ensures that all staff need, understand and have the right level of awareness of the data protection processes, controls and regulation. Mature controls are automated controls. If you leave staff to send emails as part of a process, data will leak and will breach. The Home Office may blame human error, but the fact is humans can only make mistakes if the processes are not .....Read More
Whenever you are dealing with personal information, it is vital to follow the Educate and Automate mantra. Education ensures that all staff need, understand and have the right level of awareness of the data protection processes, controls and regulation. Mature controls are automated controls. If you leave staff to send emails as part of a process, data will leak and will breach. The Home Office may blame human error, but the fact is humans can only make mistakes if the processes are not automated.  Read Less
March 03, 2020
Tim Mackey
Principal Security Strategist, Synopsys CyRC (Cybersecurity Research Center)
Synopsys
The ICIBI review of EUSS practices highlighted 100 instances of applicant data potentially being mishandled – a situation concerning in light of GDPR. Of these 100 instances, 63 were traceable to documents being misplaced by the postal services. In looking at the remaining instances, we see the impact of improving processes where by August 2019 EUSS employees were able to identify that six incidents were from documents being returned to applicants at addresses containing typographical errors.....Read More
The ICIBI review of EUSS practices highlighted 100 instances of applicant data potentially being mishandled – a situation concerning in light of GDPR. Of these 100 instances, 63 were traceable to documents being misplaced by the postal services. In looking at the remaining instances, we see the impact of improving processes where by August 2019 EUSS employees were able to identify that six incidents were from documents being returned to applicants at addresses containing typographical errors written by the applicants. As with any government scheme, particularly one which directly engages with people for whom English isn't a primary language or who are members of vulnerable groups, the utmost care is required in handling their personal information. While no system is ever perfect, ongoing reviews and process improvements are key to ensuring that security gaps are addressed quickly while maintaining public trust.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT

You may also like

Planned Parenthood LA breached, Experts Weigh In

Data Security Comment: Colorado Energy Company Loses 25 Years Of...

Colorado Energy Company DMEA Loses 25 Years Of Data After...

Governemnt Data Breach Of New Years Honours Recipients

New Malvertising Campaign Spreads Backdoors, Malicious Chrome Extensions

DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People

Data Hacked For 400,000 LA Patients

IKEA Suffering Ongoing “Reply-Chain” Email Attack

Cybersecurity Expert Reaction On UK’s Financial Regulator Scraps 90-day Authentication...

DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts