Spreadsheets are a major cause for concern in the safety of personal information, according to the Information Commissioner's Office (ICO).
The warning comes in the wake of a surge in data breaches caused by Freedom of Information (FOI) requests, with incidents including the leaking of personal information pertaining to witnesses, suspects and victims in a number of crimes.
“The recent personal data breaches are a reminder that data protection is, first and foremost, about people.” said John Edwards, the Information Commissioner, “We have seen both the immediate and ongoing impact that the release of such sensitive personal information has had on the individuals and families involved, and that is why I have taken this action.”
“It is imperative that robust measures are in place to protect personal information. The advice we have issued sets out the bare minimum that public authorities should be doing to protect personal data when responding to information access requests, and to reassure the people they serve, and their staff, that their information is in safe hands.”
Alongside its statement, the ICO has issued a number of recommendations to organizations:
- Immediately stop uploading original source spreadsheets to online platforms used to respond to FOI requests
- Continually provide training to staff who are involved with disclosing information
- Avoid using spreadsheets with hundreds or thousands of rows and instead invest in data management systems which support data integrity
FOI requests are an obligation for public bodies, but personal information is exempt from release and should be redacted before the request is actioned. However, there have been numerous cases where employees have not received enough training to fully redact spreadsheets before release.
Breaches such as these show that data is not just at risk from hackers, but also from general incompetence and highlights the importance of cyber literacy within organizations.
More Microsoft Excel news
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Before settling into journalism Ben worked as a Livestream Production Manager, covering games in the National Ice Hockey League for 5 years and contributing heavily to the advancement of livestreaming within the league.
He has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham. Outside of work Ben follows many sports; most notably ice hockey and rugby. When not running or climbing, Ben can most often be found deep in the shrubbery of a pub garden.