We’re entering a new phase when it comes to data. Recent legislation has come into effect around the world, such as the European Union’s General Data Protection Regulation (GDPR) and Australia’s Notifiable Data Breaches (NDB) scheme. A string of high-profile breaches and dramatic headlines have contributed to the unsettled miasma, but it’s fair to say that individuals, as well as businesses, are becoming more aware of their duties and rights when it comes to data.

Between when it came into effect in May and the start of July, the GDPR has resulted in 6,281 complaints to the UK’s Information Commissioner’s Office. Just the previous year, the number of complaints in that same six-week period was only 2,417.[1] According to the Financial Times, the office is preparing to employ more full-time staff to deal with the increased workload.

In Australia, the Office of the Australian Information Commissioner (OAIC) has reported that quarterly breach notifications have steadily risen to a total of 242 in the last quarter.[2] While the majority of these (59%) were down to malicious or criminal attacks, a concerning 36% were due to human error – such as email or mail being sent to the incorrect person, failure to blind copy emails, or the unintended release of personal information.

As pointed out in the Australian Financial Review, with email errors impacting greater numbers than paper mail, there could be a need for business email systems that are designed to reduce such breach possibilities.[3] Similar studies reveal that human error is routinely the culprit behind breach events, and the costs can be astronomical.

Business is beginning to adapt to a world with more regulation around data, and considering the value of that data, this is only right. But, as PwC’s John Studley reminds us, “Staying within the bounds of the law is not nearly enough.” With regulation playing perennial catch-up to technology, it’s up to business to live by a set of data ethics principles and maintain trust with those users whose data it is benefiting from.

And sometimes, this will mean looking within.

Infographic: The accidental data threat from within