Less than one in five (19 percent) of UK firms have taken up the offer of a free data protection audit, says the Information Commissioner's Office (ICO).
According to the organisation's annual report, 603 data losses were reported to the ICO in the last year, with 186 - almost a third - taking place in the private sector. However, 71 percent of public-sector organisations agreed to be audited.
"Lenders, general businesses and direct marketing companies account for almost a third of total complaints to the ICO, and businesses were the top sector for reporting data security breaches to us last year. Despite this, many of them are still resisting our offer to undergo audits. We've written to organisations we consider to be high risk, but the response has been disappointing," said information commissioner Christopher Graham.
"These audits are not about naming and shaming those who are getting it wrong. The fact that a company has undergone a consensual audit should count as a badge of honour, showing that the business takes data security seriously. After all, sound data protection practices are irrevocably linked to providing good customer service."