The New Forest District Council breached the Data Protection Act by publishing the personal data of planning applicants on their website, says the Information Commissioner's Office (ICO).
The ICO received a complaint from a New Forest resident in 2008, after the council failed to remove personal data from the resident's planning application before publication on their website.
Although the council removed the relevant data, the resident continued to monitor the website and reported finding personal data relating to other Hampshire residents over several months.
The ICO said following this complaint, the council initially improved its procedures and introduced a self monitoring process, but more personal data was published on website in July 2010.
The ICO examined the systems in place at the council and interviewed the staff directly responsible for the redaction process.
Following this, the ICO was satisfied that the council was taking the steps needed to lessen the risk of a breach occurring again.
The council's chief executive, David Yates, has provided the ICO with a commitment to continue with such measures to ensure maximum compliance with the Data Protection Act.
Sally-Anne Poole, enforcement group manager at the ICO, said authorities are expected to put the most effective data protection measures in place and to ensure they are upheld.
"We will be monitoring other local authorities to scope compliance in this area on a national level. Any council found to have an unacceptable error rate may be subject to regulatory action," she said.