Data breaches, privacy leaks, sensitive personal information falling into the wrong hands. Why do these things happen even with the existence of data protection laws, with hefty fines are punishment? And why do they happen even in organisations that have instituted all the policies and procedures required by the law? Because privacy breaches can happen despite legal compliance and good information governance. They happen because of failures in operational compliance. So, how do you avoid privacy breaches happening to you? Drawing on a wealth of real-life case studies and onsite data protection audits, this book investigates the range of things that can easily go wrong on the ground - and indeed have gone wrong! From careless practices and indiscreet communications to IT vulnerabilities and third-party risks, this book shows you where the weakest links are in the collection, usage, retention, disclosure and disposal of personal data.