Messaging apps and data security

July 12, 2022

The Information Commissioner is calling for a government review around its use of messaging apps such as WhatsApp. 

Lots of businesses use messaging apps nowadays to communicate within teams and with customers.  Some messaging apps even boost a versions of their app specifically for business but are these services really secure enough when it comes to data and UK GDPR?

During the pandemic, the Department of Health & Social Care (DHSC) used messaging apps like WhatsApp as a method of communication which sparked numerous complaints. 

After a yearlong investigation launched in 2021 by commissioner Elizabeth Denham into the use of messaging apps by Ministers and officials at the DHSC, we now have the ICO’s report “Behind the screens – maintaining government transparency and data security in the age of messaging apps”. You can check out the full report here

You’ll be pleased to know that the issue isn’t directly the security integrity of these messaging apps but the risk that the use of them by Ministers and officials could result in information being lost from the public record.    

The ICO found many failings on the part of the DHSC regarding its use of messaging apps.  One failing that stood out in particular to me was that  the DHSC did not have appropriate organisational or technical controls in place to ensure effective security and risk management when using the messaging apps. 

It is wonderful to embraces new technologies but unfortunately sometimes we take a dive in the deep end without first undertaking proper checks and balances.

So, if you are excited about trying new technology in your business, please first take the time to properly consider with your DPO or your DP adviser, how it will work in your business in line with UK GDPR before you implement change.

author avatar
mjohnson