180 data breaches identified in Guernsey in 2021

180 personal data breaches were reported in Guernsey in 2021. 

The Office of the Data Protection Authority (ODPA) carried out 17 investigations and one inquiry over the course of the year.They also received 35 data protection complaints from members of the public.

The Authority reviews all breaches that are self-reported by organisations.

There were more than 65 reports of personal data being sent to the wrong recipient by email and 40 reports of incorrect data being sent by post.The fiduciary, health and public authority sectors were responsible for a majority of breaches.

Richard Thomas CBE, Chair of Guernsey's Data Protection Authority, said: "Personal data now lies at the very heart of the digital economy in ways which were unimaginable just 20 years ago.

"Handling that information well is vitally important for the trust which has to be built and maintained.

"The ODPA primarily exists to help organisations get it right and to help people safeguard their own interests and understand their rights. We are educators and promoters of good practice.

"We have not needed to impose any fines this year. We hope that this indicates that public and private sectors are taking their responsibilities seriously, though we have had to issue a number of reprimands.

"In the same way that organisations are accountable for how they handle personal information, we will continue to demonstrate our accountability for how we protect people and how we promote prosperity."

More than 20,000 organisations across the Bailiwick have now legally registered with the ODPA.