• 83% of British adults are uneasy about sharing information with public sector organisations
  • A third of concerns raised by the 2017 NHS ransomware attack
  • 87% of people are concerned about the security of data held by the NHS


Ahead of the introduction of new GDPR legislation which will punish businesses for poor data protection, new research has revealed just how little trust consumers have for public sector online services and use of their data. A survey of 500 UK adults, commissioned by Probrand.co.uk, and published in the  Public & Private Sector Services Audit revealed that 83% of British adults are uneasy about sharing their information with the servers or websites of public sector organisations in particular. The research revealed that 1 in 3 (34%) began harbouring these concerns following the 2017 NHS ransomware attack in 2017 which saw thousands of appointments cancelled. The research found that the British public has less faith in some public sector organisations than others, with the security of the National Health Service (NHS) systems raising the biggest concern for 87% of people. Of those respondents who said they had worries about cyber security within the NHS, 34% stated they were ‘very concerned’ about this. 85% of the population said they were concerned about the security of data held by Her Majesty’s Revenue and Customs (HMRC) which can include everything from income tax records to child benefit information meanwhile, 81% are worried about the data held about them by local government websites and servers. Data revealed that 80% of British adults said they are concerned about the security of data held about them by the Driver and Vehicle Licensing Agency (DVLA), while 78% are anxious about the data held with the Police force. Matt Royle, marketing director at Probrand, said: “The research clearly indicates the ongoing reputational risk and damage of cyber threats like the NHS ransomware attack.  It has impacted perceptions of the wider public sector and beyond. “Private and public sector organisations must reassure customers about the security measures they have and ensure best practice policies and procedures are in place to train and direct employees, encrypt, store, backup and transport personal and business critical data securely. Equally, have a well rehearsed response plan should a breach occur. “Importantly, as the depth of personal data has increased along with the threats to acquire this valuable data, so the EU has applied measures to make organisations more accountable for data protection. “Now is the time for organisations to bring their data protection up to speed and regain customer trust in the services they provide in doing so.” From 25th May 2018, the new General Data Protection Regulation (GDPR) will supersede the UK Data Protection Act 1998.  Companies who do not comply or are found to be in breach of it, or whose systems are breached and public data is lost as a result, could be forced to pay fines up to 20 million Euro or 4% global turnover, plus pay compensation for damages suffered.