Personal data of nearly 300 payers leaked from the Social Insurance Institution (ZUS) as a consequence of an unfortunate incidental that caused a wave of concerns and concerns among customers and data safety experts. It turned out that this data was sent in an email by a ZUS worker to a private address. This situation not only affects the privacy of customers, but besides puts the data protection strategy in question in the institution.
ZUS, being a key body dealing with pensions and social insurance in Poland, is liable for immense amounts of individual data of citizens. Leaking specified crucial data, specified as PESEL numbers, residence addresses or bank accounts, can lead to serious consequences for the persons concerned.
This case has already been reported to the Office for individual Data Protection (UODO), as well as to the prosecution. Notification to the UODO means that that authority shall take action to analyse the full event and to impose sanctions on the Social safety Office if irregularities are detected in the processes related to the protection of individual data.
Furthermore, it should be noted that ZUS itself has taken steps to mitigate the effects of this incident. Paweł Żebrowski, the ZUS spokesman, stressed that all safety procedures were implemented and the service consequences were imposed on the worker liable for sending the data to a private address.
However, legal experts point out that even if the data breach was accidental, it is inactive a serious violation of the law. Dr. Dominik Lubasz, legal counsel from Lubasz and Partners, notes that it is crucial to realize the reasons for the disclosure of data and the scope of this disclosure. In the context of the existing provisions of the GDPR (General Data Protection Regulation), the consequences of this incidental may be serious, both for the ZUS worker and for the institution itself.
It should besides be taken into account that specified situations undermine citizens' assurance in state institutions which are liable for protecting their individual data. The ZUS data leak is simply a informing to all institutions to make further efforts to defend individual data and to implement even stricter safety procedures to avoid akin incidents in the future.
The leak of data from ZUS is simply a problem that not only concerns the privacy and safety of citizens' data, but besides puts the effectiveness and credibility of the institutions liable for their protection at issue. In this situation, all possible measures should be taken to prevent akin incidents in the future and reconstruct public assurance in the institutions liable for the protection of individual data.
Ignacy Michałowski
OSINT investigator with experience in global journalism projects. It has been publishing materials for over 20 years for the largest releases. In social activities he engaged in various projects and initiatives aimed at improving the quality of life of people, especially those of mediocre communities. He was besides active in the fight for human rights. Contact: kontakt@legaartis.pl
Continued here:
Data leak from ZUS. PESELE and ID number, addresses
