Despite the best efforts of organisations taking appropriate safeguarding measures, instances of unauthorised and unlawful processing of personal data will still happen. The likely reasons are as follows:
• Loss or theft of data or equipment on which data is stored
• Inappropriate access controls allowing unauthorised use
• Equipment failure
• Human error
• Unforeseen circumstances such as a fire or flood
• Hacking attack
• ‘Blagging’ offences where information is obtained by deceiving the organisation who holds it
This is an necessary category.