UK Pandemic Programs Failed To Protect Citizens’ Health Data, Say Campaigners

The UK’s Information Commissioner’s Office (ICO) did not act on repeated data protection violations by the government, says the Open Rights Group (ORG). The ORG’s analysis of three major Covid-19 health programmes found them to be lacking in compliance with article 35 of the GDPR. The ICO, however, refutes ORG’s allegations and insists that it prioritised helping organisations grasp how data protection laws could aid their response to the pandemic.