Intelligent CISO Issue 65 | Page 25

threat updates
Norfolk and Suffolk constabularies have identified an issue relating to a very small percentage of responses to Freedom of Information ( FOI ) requests for crime statistics , issued between April 2021 and March 2022 .
A technical issue has led to some raw data belonging to the constabularies being included within the files produced in response to the FOI requests in question . The data was hidden from anyone opening the files , but it should not have been included .
The data impacted was information held on a specific police system and related to crime reports . The data includes personal identifiable information on victims , witnesses and suspects , as well as descriptions of offences . It related to a range of offences , including domestic incidents , sexual offences , assaults , thefts and hate crime .
The Information Commissioner ’ s Office ( ICO ) has issued a reprimand to NHS Lanarkshire , following staff ’ s unauthorised use of WhatsApp to share patients ’ personal data over the course of two years .
Between April 2020 and April 2022 , 26 staff at NHS Lanarkshire had access to a WhatsApp group where patient data was entered on more than 500 occasions , including names , phone numbers and addresses . Images , videos and screenshots , which included clinical information , were also shared .
A non-staff member was also added to the WhatsApp group in error , resulting in the inappropriate disclosure of personal information to an unauthorised individual . www . intelligentciso . com
25