Gloucester Police data breach

Comma's own Remco Swart comments on Gloucestershire Police being fined for revealing identities of abuse victims in bulk email

Rawpixel 620238 Unsplash

Accidently sending an email using "To" instead of "BCC" revealed the other email recipients including the abuse victims in a bulk email. Small mistake, but real impact. To what extent is the officer (sending the email) repsonsible and the Gloucestershire Police who couldn't prevent this mistake and exposed the employee to this risk?

ICO fined the organisation £80k, the maximum penalty saying: “The risks relating to the sending of bulk emails are long established and well known, so there was no excuse for the force to break the law – especially when such sensitive and confidential information was involved.”

- Remco Swart, Comma Consultant

Do you also face these risks related to sending (bulk) emails in your daily work? If your interested how your organisation can mitigate such risks, please reach out to Comma.