News

Warwickshire County Council breaches Data Protection Act

Warwickshire County Council has landed in hot water with the Information Commissioner's Office (ICO) after the theft of two computers and the loss of a memory stick containing personal data.

The news comes less than a week before the ICO is to acquire new data protection powers, which include the ability to fine organisations up to £500,000 for serious data breaches.

The ICO found the council in breach of the Data Protection Act and ordered chief executive Jim Graham to sign a formal undertaking to ensure that portable devices used to store personal data are encrypted.

Staff will also be made aware of the council's policy for storage of personal data. The council will implement other security measures to ensure that personal data is protected.

The ICO said the stolen laptops, which held sensitive personal information of pupils and staff from two schools, were not encrypted and not physically secured.

The council also reported a separate incident to the ICO, involving the disappearance of an unencrypted memory stick holding a small amount of personal data relating to children attending an education centre.

Sally-anne Poole, head of enforcement and investigations at the ICO, said it is essential that organisations ensure the correct safeguards are in place when storing and transferring personal information, especially when it concerns sensitive information relating to children.

"A lack of awareness of data protection requirements can lead to personal information falling into the wrong hands," she said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy