Barclays plc, Lloyds Banking Group plc and Banca Santander are amongst UK banks and building societies that could be breaching data protection rules, according to research by Which?.
The consumer group found that between August 2009 and August 2010 there had been a total of 515 complaints lodged with the Information Commissioner’s Office (ICO) about possible data protection breaches by eight of Britain’s biggest banks and building societies where the ICO thought it was likely they had broken the rules.
Out of these 515 complaints Barclays was the bank with the most suspected breaches with 116 complaints, followed by Lloyds with 114, Santander with 103 and Halifax with 81.
Though Which? suggests that it could be much worse still, which their research showing that just one in ten people have heard of the ICO and as such the amount of complaints received could just be the tip of the iceberg.
Richard Lloyd, executive director of Which?, says: “Banks and building societies hold incredibly sensitive information and the impact on customers can be serious if they mishandle it, from affecting credit ratings to leaving people open to fraud.”
Over half of all complaints arose from firms failing to provide customers with copies of the data held about them properly.
Other potential breaches included banks holding inaccurate data about customers, failing to follow security measures and the disclosure of data to third parties.
While data-related complaints about other organisations such as local authorities and HM Revenue & Customs are going down, banks and other lenders appear to be getting worse at looking after our data.
In 2009, there were 1,163 complaints about financial services firms, up from 1,060 the previous year.
”Regulators need to impose much tougher sanctions on firms who are lax with people’s data as the message clearly isn’t getting through,” Lloyd concludes.