recent work

Council is fined £70,000 for data breach

The London Borough of Barnet received the monetary penalty after paper records ‘containing highly sensitive and confidential information, including the names, addresses, dates of birth and details of the sexual activities of 15 vulnerable children or young people’ were lost, following a buglary at a social workers home in April 2011.

After an investigation by the Information Commissioner’s Office (ICO) found that ‘council failed to take appropriate organisational measures against the accidental loss of personal data held on paper records’.

An incident involving the council in 2010 resulted in them signing a formal undertaking to ensure that a paper-handling policy was introduced and adhered to; this latest blunder confirmed that this policy was not in place at the time of the second loss – and as a result, the fine was issued.

Simon Entwisle, the ICO’s Director of Operations, said:

“The potential for damage and distress in this case is obvious. It is therefore extremely disappointing the council had not put in place sufficient measures in time to avoid this second loss.

“While we are pleased that Barnet Council has now taken action to keep the personal data they use secure, it is vitally important that organisations have the correct guidance in place to keep sensitive paper records taken outside of the office safe. This includes storing papers containing sensitive information separately from laptops.”

Comment
DataWise by Absolute Data, is committed to ensuring companies and organisations, regardless of their size, create and follow realistic policies and procedures that are above the law. We can help your organisation create robust and effective data protection policies and procedures: we can spend some time getting to know what data-related activity your business partakes in, and ensure that your policies and procedures reflect this activity. We can also help to train your staff; not only in the importance of data protection, but how they can ensure they are fully adhering to data protection law. DataWise, one of our services, provides clients with a data protection toolkit, which offers a robust and effective solution in reducing the risk of data breaches. With the ICO’s power to fine up to £500,000 for data breaches, it is worth getting in touch with us to discuss how your organisation can ensure legal data compliance. Contact us now at info@absolute-data.co.uk, or call us on 01423 790125.