ICO slams private sector for being worst data breach offender

Privacy watchdog the Information Commissioner's Office (ICO) has warned that companies need to be more open to data protection audits, after its latest report found that the private sector reported the most data breaches of any sector last year.

The ICO's annual report, released on Wednesday, found that around a third of the 603 breaches reported to the regulator in the 2010/11 period occurred in the private sector.

The figure is all the more telling given that private sector firms are under no obligation to report breaches to the ICO, unlike their public sector counterparts.

The ICO said that only 30 per cent of organisations and 19 per cent of businesses contacted during the period agreed to undergo a free data protection audit.

Information commissioner Christopher Graham argued that the audits should be seen as a "badge of honour" for those companies deciding to undergo one.

"Lenders, general businesses and direct marketing companies account for almost a third of total complaints to the ICO, and businesses were the top sector for reporting data security breaches to us last year," he said.

"Despite this, many of them are still resisting our offer to undergo audits. We've written to organisations we consider to be high risk, but the response has been disappointing."

The news comes just days after the ICO lambasted the NHS for its data security efforts, insisting that a cultural change is needed in the service if it is to improve its woeful track record on data breaches.