The Identity and Passport Service (IPS) has had its knuckles rapped by the Information Commissioner's Office (ICO) for losing the passport renewal applications of 21 people.
The Data Protection Act breach occurred in May 2010. The missing details included the personal data of applicants and their counter-signatories.
Mick Gorrill, head of enforcement at the ICO, says there is no evidence to suggest the applications have fallen into the hands of criminals and the IPS is taking steps to stop this happening again.
No fine was incurred, but the IPS agreed to introduce a number of measures including ensuring that staff are aware of policies for the storage and use of personal data and IT security, and are trained in how to follow them.