We use cookies to collect anonymous data to help us improve your site browsing experience.

Click 'Accept all cookies' to agree to all cookies that collect anonymous data. To only allow the cookies that make the site work, click 'Use essential cookies only.' Visit 'Set cookie preferences' to control specific cookies.

Set cookie preferences

Your cookie preferences have been saved. You can change your cookie settings at any time.

Publication - FOI/EIR release

Social Security Scotland privacy measures and personal data breaches: FOI release

Published
21 May 2025
Topic
Public sector, Work and skills
FOI reference
FOI/202500456060
Date received
6 March 2025
Date responded
1 April 2025

Information request and response under the Freedom of Information (Scotland) Act 2002

Information requested

Request for information 1: Confirmation of the standard privacy measures which you implement in fraud investigations in order to prevent privacy infringements taking place as of February 2025.

Request for information 2: Confirmation of if there have been cases in which privacy infringements have occurred due to a fraud investigation, as of February 2025.

Request for information 3: Confirmation on the number of cases in which privacy infringements have occurred due to a fraud investigation, as of February 2025.

Response

We have interpreted the term “privacy infringement” to mean personal data breaches arising from noncompliance with UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Request for information 1:

All of the information you have requested is available from the below links. Under section 25(1) of FOISA, we do not have to give you information which is already reasonably accessible to you. If, however, you do not have internet access to obtain this information from the website(s) listed, then please contact me again and I will send you a paper copy.

Fraud investigations are carried out in line with the Social Security Scotland - Code of Practice  for Investigations, The Social Security Assistance (Investigation of Offences) (Scotland) Regulations 2020 and the Social Security Scotland - Counter Fraud Strategy.

Data protection is governed by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

For information on how we process our clients’ personal data, please see the following privacy information: Privacy notice and data protection - Social Security Scotland - mygov.scot

Request for information 2 and 3:

We hold record of one case where a personal data breach has arisen during the course of a fraud investigation. To be helpful, we can advise that this was risk assessed as a non-reportable personal data breach.

About FOI

The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at https://www.gov.scot/foi-responses.

Contact

Please quote the FOI reference
Central Correspondence Unit
Email: contactus@gov.scot
Phone: 0300 244 4000

The Scottish Government
St Andrew's House
Regent Road
Edinburgh
EH1 3DG

Back to top