News Stay informed about the latest enterprise technology news and product updates.

How to handle a data breach with some dignity

Say this for the unfortunate folks at Her Majesty’s Revenue and Customs: they know how to respond to a data breach. I’m not necessarily talking about the legal response or notification of citizens potentially affected by the HMRC’s loss of two discs containing personally identifiable information for 25 million UK residents. That’s boilerplate at this point. What struck me is the classically British way that the officials involved stepped up and shouldered the blame for the mishap. “This is the biggest privacy disaster by our government,” Jonathan Bamford, assistant information commissioner, told Cnet News. “Clearly on the facts available there appears to be a major contravention of data-protection laws.”

Those are not the kind of statements you see coming from government officials or company executives in the U.S. Here, the company PR operative would have blamed the courier service for losing the discs, then the CEO would have pointed out that they are password protected, so there’s nothing to worry about, and then we’d hear about how it happens to everyone and the criminals are really the ones at fault. Maybe some of the corporate and government CIOs should catch a flight to Heathrow sometime soon to confer with our British cousins on this.

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Geez, As a "PR operative" for a respected firm (Shift4) I wish you wouldn't lump us all together. Perhaps some could learn from the Brits, but be a little selective with that tar brush.
Ermm, you got this very wrong indeed! Jonathan Bamford is from the independent data protection watchdog, not the UK Government. He was criticising the Government's response in very strong terms. To repeat, he is NOT a 'government official'.