In order for our site to work, small files called ‘cookies’ have been placed on your device. These mandatory cookies do not process any personal data.
We would also like to use analytics cookies to understand how our site is used by visitors and then use this information to improve our site and the experience of using our site. The service we use is Google Analytics.
Please indicate whether or not you are happy to allow the use of these analytics cookies by selecting one of the options below. You can read more about our cookies before you choose and read our Privacy Notice to find out more information on how we use your personal data
Statistics are not always dull. Find out details about important areas of our work, from breach reporting to annual reports here. Publishing this information ensures that we are transparent and accountable about our activities as well as helping to highlight areas of particular focus for the future.
What is a personal data breach? A personal data breach is defined in section 111(1) of the Law as any incident that meets the following criteria:
“a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed”.
There will likely be a breach whenever any personal data is accidentally lost, corrupted or disclosed, or if someone accesses it or passes it on
without proper authorisation to do so.
Why do breaches need to be reported? One of the key changes to the local data protection law that came into force in May 2018 is that organisations are legally required to notify the ODPA of any personal data breach within 72 hours of becoming aware of it (see
section 42 (2) of the Law). You can report a breach to us here.
Why does the ODPA publish breach statistics? We have published statistics of the number of breach reports we receive, every 2 months since October 2018. Publishing this information allows everyone to benefit from a better understanding of how and why breaches happen and how they can be avoided
The Bailiwick of Guernsey's independent authority which regulates data protection legislation through an ethics-based approach, empowers individuals and protects their rights, promotes excellence in data protection, and supports the data economy to embrace
Receive regular information and statistics related to our activities and governance