The number of data protection complaints by Jersey residents and self-reported data breaches by organisations is significantly down since October 2018, according to the Jersey Office of the Information Commissioner.
A total of 79 breaches were reported in Jersey from 22 October to 21 December 2018, with that figure almost halving to 47 in the following two months.
Among financial institutions, the number of reported breaches dropped from 18 between 22 October and 21 December last year to 13 between 22 December and 22 February this year. In the legal sector, the figures for those periods were 10 and two respectively.
Dr Jay Fedorak (pictured), the island’s Information Commissioner, pointed to an increased awareness among islanders and businesses regarding their personal information rights.
“We have been educating islanders on the types of data breaches to report, including a successful series of presentations as part of the recent Data Protection Week," he said. "These include implementing simple data protection measures – for example, turning off autofill on emails to prevent personal data being sent to the wrong person.”
The Office of the Information Commissioner has also been working with the island’s businesses to enable them to better understand the types of breaches that need reporting.
“Breaches are an inevitability, but managing and learning is key,” added Fedorak. “Through continued awareness and education, organisations have a greater understanding of what they need to report and understand the importance of training staff around practicable breach reporting mechanisms.
"They also understand that the law still requires the organisations to complete an internal data breach register, which we have the power to review.”