The Information Commissioner's Office has criticised businesses for refusing data protection audits.
Figures from the ICO annual report - being published today - show that of the 603 data security breaches reported to the ICO in 2010/11, 186 (almost a third) occurred in the private sector.
Despite this, just 19 percent of businesses contacted by the ICO accepted the offer to undergo free data protection audits. In contrast, 71 percent of public sector organisations who were contacted agreed to be audited.
Information Commissioner Christopher Graham, said: "Many private businesses are still resisting our offer to undergo audits. We've written to organisations we consider to be high risk but the response has been disappointing.
"These audits are not about naming and shaming those who are getting it wrong. The fact that a company has undergone a consensual audit should count as a badge of honour, showing that the business takes data security seriously."
During 2010/11, the ICO wrote to over 100 public and private sector organisations to offer its services. Of those approached, 30 percent have agreed to undergo an audit.
In 2010/11, the ICO completed 26 audits, a 60 percent increase on 2009/10. Following the audits, the ICO found that 92 percent of its recommendations were being acted upon.
Last week the ICO warned NHS trusts to "take much more assertive steps" to protect patient records.
The warning came after the ICO found five health organisations had "seriously breached" the Data Protection Act.