Skip to main content
FIND A LAWYER
ARTICLE

GDPR – new law but the same weakest link

One of the key principles of the GDPR is the need to keep personal data secure.  Most organisations have implemented new or enhanced technical solutions over the last couple of years with a view to meeting these obligations.

The weakest link though is not the technology.  It’s not even the threat posed by hackers, phishers or scammers.  It’s “people”.

They are the ones who are prone to leave laptops on the train, or to plug memory sticks into their computers without virus checking them, or to click on attachments to rogue emails.

And to put lists of email addresses in the “To” or “cc” fields rather than in the “bcc” field when sending an email to a list of recipients. The Government has suffered the embarrassment of this particular human error not once but twice in the spring of 2019.

First the government has made an unreserved apology for disclosing the email addresses of some 500 members of the Windrush generation when emailing them using a list of email addresses.  Then the Home Office in the same way revealed the personal email addresses of 240 EU citizens who were involved in the process of seeking settled status in the UK in the context of Brexit; they blamed it on human error.

Organisations need to continue to train their people and to remind them of the importance of keeping personal data secure. Compliance with GDPR is an ongoing requirement.

This update is for general purposes and guidance only and does not constitute legal or professional advice. You should seek legal advice before relying on its content. This update relates to the prevailing circumstances at the date of its original publication and may not have been updated to reflect subsequent developments. If you have general queries about our updates, please email: mailinglists@greenwoods.co.uk




    By completing and submitting this form, you consent to Greenwoods Legal LLP processing your personal data to provide you with the email update services you have selected and any other materials and information about our services that Greenwoods Legal LLP reasonably believes will be of interest to you. You are free to withdraw your consent at any time by emailing mailinglists@greenwoods.co.uk





      By completing and submitting this form, you consent to Greenwoods Legal LLP processing your personal data to provide you with the email update services you have selected and any other materials and information about our services that Greenwoods Legal LLP reasonably believes will be of interest to you. You are free to withdraw your consent at any time by emailing mailinglists@greenwoods.co.uk