Data breach notifications submitted to the Scottish Government: FOI release

Information requested

 

You asked for security breach notifications submitted to the Scottish Government for the past two years, which after clarification, resulted in requesting information relating to data breaches notifications over the last 2 year as a whole figure.

 

Response

 

The answer to your question is:

• There were four significant data security incidents in 2016-17 that could have resulted in the loss of Scottish Government information. Three of these incidents were also reported to the Information Commissioner’s Office ( ICO). While no enforcement action was taken by the Information Commissioner, appropriate actions were taken by the Scottish Government in each case to ensure that the probable impact of any loss was minimised. Additional local procedures were also put in place to minimise the likelihood of any future recurrence.

 

• Eighteen data security incidents were internally reported to the Scottish Government Data Protection and Information Assets team in 2017-18, of which four were reported to the Information Commissioner's Office (ICO) throughout over the year. While no enforcement action was taken by the Information Commissioner, appropriate actions were taken in each case to ensure that the probable impact of any loss was minimised. Additional local procedures were also put in place to minimise the likelihood of any future recurrence.

 

About FOI

The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at http://www.gov.scot/foi-responses.