ICO seeks to review data protection practices of senior civil servants handling sensitive information during the pandemic.


The ICO has called for a government review into the use of private emails and social media channels during the pandemic following concerns detailed in the ICO report “Behind the screens – maintaining government transparency and data security in the age of messaging apps”.

The report follows an investigation into the Department of Health and Social Care (DHSC) during the pandemic and concluded that there were shortcomings in the controls employed by the department in tracking data, within its systems and the increased use of messaging app and technologies like WhatsApp by Ministers and senior government officials. By utilising technologies in this way, these practices risked a data breach where important information was shared without the requisite security embedded in its systems.

The government are not alone here. Across the UK, many businesses and organisations have modified practices and stated polices to respond to business and operational needs during the pandemic. The UK GDPR requires organisations to map its data so that it can put in place organisational and technical measures to ensure information security. This is particularly challenging when it does not have visibility on the ways in which data is shared. This presents a real risk to the transparency and accountability principles underpinning the UK’s data protection legislation.

Businesses, public authorities and government need to recognise that a review of their current practices and calibration to align these with policies will be necessary, to ensure security of information and resilience to cyber threats going forward.

If you have any questions regarding this article, please feel free to contact Louise Weatherhead, a data protection lawyer, by email at Louise.weatherhead@sintons.co.uk, on Twitter @LNWdataprotect, or by telephone on 0191 2263699.


Contact Us






    Sintons LLP would like to contact you about the services that we have to offer. We would like to keep you informed of any important legal updates that may affect you, your organisation or business, such as our newsletters, legal bulletins and details of relevant training courses or other events you may be interested in attending.

    Please confirm that you are happy for Sintons LLP to contact you by:



    For further details on how your data is used and stored click here to see our Privacy Policy.

    You can always change your mind by unsubscribing here.

    We will only use your information to handle your enquiry and won’t share it with any third parties without your permission.