Breaches of data protection policy are usually caused by human error or mistakes, but often because staff do not appreciate the importance of protecting the information, a senior audit specialist has warned gaming firms.