recent work

Private Organisation breaches Data Protection Act

Spectrum Housing Group, a private housing organisation based in Dorset, emailed a non-secure excel spreadsheet containing personal data of its employees to the wrong external email address, the Information Commissioner’s Office (ICO) has announced today.

The incident, that happened in March this year, was discovered 30 minutes after the email was sent; the unintended recipient was informed and the data destroyed. The data included information such as pension contributions.

The ICO has revealed that Spectrum did not have a policy in place to prevent such situations ocurring, and as such, as requested that the company take corrective action; Wayne Morris, Group Chief Executive, has signed a formal undertaking.

Sally Anne Poole, Acting Head of Enforcement at the ICO, says:

“While on this occasion the information compromised was not sensitive, the fact is that at the time of the incident Spectrum Housing Group did not have appropriate controls in place. This case highlights the need for organisations to make sure that adequate checks are in place and documents suitably protected before they are sent out.”

Comment
Absolute Data is committed to ensuring companies and organisations, regardless of their size, create and follow realistic policies and procedures that are above the law. We can help your organisation create robust and effective data protection policies and procedures: we can spend some time getting to know what data-related activity your business partakes in, and ensure that your policies and procedures reflect this activity. We can also help to train your staff; not only in the importance of data protection, but how they can ensure they are fully adhering to data protection law. DataWise, one of our services, provides clients with a data protection toolkit, which offers a robust and effective solution in reducing the risk of data breaches. With the ICO’s power to fine up to £500,000 for data breaches, it is worth getting in touch with us to discuss how your organisation can ensure legal data compliance. Contact us now at info@absolute-data.co.uk, or call us on 01423 790125.