The CNIL expects a doubling of cases of personal data breach in 2021
For the CNIL, 2021 should be the sign of a doubling of cases of personal data breaches. The French regulator makes this statement after the case of the theft of health data from hospitals in Paris.
Towards a doubling of cases of personal data breach
Since 2018, European legislation has required companies or institutions that process personal data to report to the CNIL or its counterparts any problem concerning this data: loss, theft, alterations. These reports had increased by 24% in 2020 compared to 2019, and the CNIL forecasts a 100% increase over the year 2021, a representative told AFP. “The acceleration of dematerialization and digitization with the pandemic has opened up many opportunities for malicious people, and it is essential to respect” the recommendations of the CNIL and Anssi (guardian of French IT security), he added.
The healthcare sector is particularly affected by the theft of personal data. In 2020, data theft cases concerning him had already increased by 80%, according to the regulator. This week, Paris hospitals (AP-HP) announced that the personal data of 1.4 million people had been stolen following a computer attack. The data includes in particular the identity, social security number and contact details of the persons tested, as well as the characteristics and the result of the test carried out. Several other major health data leak cases came to light in 2021.
To prevent personal data theft, the CNIL recommends having people trained in risks, using data encryption during transfers, updating software components and monitoring vulnerabilities to prevent their exploitation. .