Publication - FOI/EIR release

Data security incidents reported to Data Protection and Information Assets team: FOI review

Published: 8 Jan 2019
Directorate:
Digital Directorate
Part of:
Public sector

Information request and response under the Freedom of Information (Scotland) Act 2002.

Published:
8 Jan 2019
Data security incidents reported to Data Protection and Information Assets team: FOI review
FOI reference: FOI/18/02715/Review  
Date received: 25 October 2018  
Date responded: 22 November 2018
 
Information requested
 
Thank you for your request of 25 October 2018 for a review of our response to your request under the Freedom of Information (Scotland) Act 2002 (FOISA) for: Further details of the 18 data security incidents internally reported to the SG Data Protection and Information Assets team in 2017-18, mentioned on p.29 of the Consolidated Accounts: https://www.gov.scot/Resource/0054/00540845.pdf
 
Response
 
I have been asked by Director of Digital to carry out the review because I was not involved in handling your original request. I have looked at the case afresh to establish whether the original response should be confirmed, with or without modifications as appropriate, or a fresh decision should be substituted.
I have concluded that there is more information available than was provided to you and I note that you have asked for the ‘maximum’ amount of information available to be provided. I have balanced this with the requirement under FOISA to consider the rights of data subjects under the GDPR. Those involved in an incident have an expectation that their details will not be further exposed beyond the purposes of incident management. Redacting these details would be a manual process and will present a further risk to the individuals concerned.
I do however believe that more information can be made available safely on the narrative of the incident, number of persons affected and the response. The attached tables provide that richer information set.
 
About FOI

The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at http://www.gov.scot/foi-responses
 
 

Contact

Please quote the FOI reference
Central Enquiry Unit 
Email: ceu@gov.scot
Phone: 0300 244 4000 

The Scottish Government 
St Andrew's House 
Regent Road 
Edinburgh 
EH1 3DG