recent work

Praxis Care Limited loses unencrypted memory stick – Data Protection Act breached

The BBC has reported that the care provider lost the sensitive personal information records of around 107 people from the Isle of Man and 53 people from Northern Ireland, when an unencrypted memory stick went missing on the Isle of Man in August 2011.

All those concerned have now been informed, and the Information Commissioner’s Office (ICO) has order the company to improve its procedures.

Christopher Graham, the UK Information Commissioner, said: “Carrying people’s personal information around on an unencrypted memory stick is clearly unacceptable.

“The fact that some of the personal details stored on the device were out of date and so surplus to requirements makes this breach all the more concerning.

“The ICO will continue to work closely with other data protection regulators where it is clear that a data breach extends across national boundaries.”

In a statement, Praxis Care said: “Praxis Care can confirm it has agreed with the Information Commissioner measures to improve data security following the loss of service user information in August 2011 on the Isle of Man.

“The main element of the undertaking confirms the measures taken shortly after the incident to encrypt data and improve data handling.

“The data loss was promptly reported to the relevant authorities including the Information Commissioner. All service users affected were informed of the details of the lost information and received an apology from Praxis Care.

“Praxis Care is confident that the measures taken will greatly reduce the risk of future information loss.”

Comment
DataWise by Absolute Data, is committed to ensuring companies and organisations, regardless of their size, create and follow realistic policies and procedures that are above the law. We can help your organisation create robust and effective data protection policies and procedures: we can spend some time getting to know what data-related activity your business partakes in, and ensure that your policies and procedures reflect this activity. We can also help to train your staff; not only in the importance of data protection, but how they can ensure they are fully adhering to data protection law. DataWise, one of our services, provides clients with a data protection toolkit, which offers a robust and effective solution in reducing the risk of data breaches. With the ICO’s power to fine up to £500,000 for data breaches, it is worth getting in touch with us to discuss how your organisation can ensure legal data compliance. Contact us now at info@absolute-data.co.uk, or call us on 01423 790125.