- Home >
- RoWebNL News
Province of Fryslân is leader in the number of data breaches
LEEUWARDEN. From lost telephones to a hacked e-mail account: last year no province detected as many data breaches within the organization as Fryslân.
At the push of a button, a human resources officer mistakenly sent the salary details of 180 employees of the province of Fryslân to 10 managers within the organization. Not only sloppy, the incident also enters the books as a data breach. Personal data of civil servants have incorrectly been made public under a - albeit limited - group of executives.
Fryslân has the dubious honor of being the leader in the number of data breaches recorded in 2018. A total of 16 reports were made of the improper dissemination of privacy-sensitive information from employees and citizens. Brabant recorded 14 data breaches and Drenthe 13. At the bottom of the list is Zeeland, with one detected leak.
The figures were requested via Reporter Radio, the investigative journalistic program of Radio 1 with which the Leeuwarder Courant cooperates, via a WOB request (invoking the Public Accessibility Act). Omroep Brabant and newspaper De Limburger also participate in the survey.
The question is whether officials from the province of Fryslân actually handle sloppily with personal data and more often fall victim to hacking than their colleagues in other provinces, or whether they simply report incidents more fanatically at the offices on the Tweebaksmarkt in Leeuwarden.
The fact is that since the introduction of the AVG (General Personal Data Regulation) on 25 May last year, many more reports of data breaches have suddenly come in than before. For example, Fryslân recorded only one data breach in 2017 and all 16 reported leaks from last year were after the introduction of the AVG. There is also an explosive growth in the number of registered leaks nationwide: from 37 in 2016, to 52 in 2017 and 90 last year.
"It is seker sa that the ynfiering fan folks the AVG as hat that colleagues faker reports dogge fan data leaks," said Jelmer Hiemstra, data protection officer for the ministry. ,, It hat foar awareness soarge. Libbet mear. And the ynfiering fan the AVG hawwe wy ek in protokol foar the omgong may data leaks. ”
That is very good, says Pauline Gras of the Dutch Data Protection Authority (AP). "The importance of combating data breaches must really come to the minds of employees," said Gras. "Because we see that people are a very important factor in the development of leaks."
Encounter an employee of the provinsje a possible leak of the
personal data, he or she must report this via the organization's intranet. The report and the description of the incident are received by Hiemstra, who is investigating it further. If it is indeed personal data that has been visible to unauthorized persons, it will be entered as a data breach.
An "awareness-raising interview" is being conducted with the colleague who was responsible for the incident. "Sa wolle wy der as as organizer lea-ring út lûke, to be the better fan," said Hiemstra. Moreover, the provins also think it is just important that the data of people are handled with care, he emphasizes.
One of the 16 incidents from 2018 has reported the provision to the Dutch Data Protection Authority (AP). This concerned the e-mail of the 180 employees with information about their salary. The rest of the incidents were not reported, according to the provins, because this would not have been necessary in those cases.
Nationally, 66 out of 90 leaks were not reported to the privacy watchdog last year. The provincial Fryslân has reported two incidents from the first months of this year to the AP. Hiemstra does not want to disclose what these incidents entail. ,, At wy it reported moatte oan the AP, then wy reported it. And if it was just that, then what that net was, "said the data protection officer