- 17 Jun 2021
Date received: 18 May 2021
Date responded: 16 Jun 2021
1. A yearly (2018/2019/2020/2021) breakdown of the number of data protection breaches under GDPR recorded by the organisation since April 1, 2018.
2. A yearly breakdown of the number of data protection breaches under GDPR reported to the Information Commissioner's Office by the organisation since April 1, 2018.
3. For each year, please provide the number of data protection breaches which took longer than 72 hours to be reported to the ICO.
4. Please also provide a yearly breakdown of the number of each type of data protection breach, described as a ‘Confidentiality breach’ – where there is an unauthorised or accidental disclosure of, or access to, personal data; an ‘Availability breach’ – where there is an accidental or unauthorised loss of access to, or destruction of, personal data, which could be permanent or temporary; or an ‘Integrity breach’ – where there is an unauthorised or accidental alteration of personal data. as described by the Law Society of Scotland.
In your request, you have requested the recorded information under GDPR from April 1st 2018. However, the EU GDPR did not come into force until 25th May 2018 and the UK GDPR did not come into force until 1st January 2021.
Nevertheless, I believe it is clear enough as to what information it is that you wish to request so I have provided this information in the financial year format. (e.g. 1st April 2018 - 31st March 2019). I have also provided the requested information in the order of your request.
3. Not applicable
The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at http://www.gov.scot/foi-responses.
Please quote the FOI reference
Central Enquiry Unit
Phone: 0300 244 4000
The Scottish Government
St Andrews House