The Northern Ireland Office has breached the Data Protection Act after failing to provide details held about a citizen when requested by the citizen, the Information Commissioners Office (ICO) has found.
Following a complaint from an individual that the authority had not responded to a subject access request, the ICO investigated the Northern Ireland Office.
Under the Data Protection Act individuals have the right to find out what information an organisation holds on them.
The Northern Ireland Office has been requested by the ICO to sign a formal undertaking to ensure that all personal information is processed in accordance with the Data Protection Act. The Noorthern Ireland Office must also provide training to all employees who deal with subject access requests under the Act.
Marie Anderson, the Assistant Commissioner for Northern Ireland, said: "It is essential that organisations comply with subject access requests appropriately or they risk action from the ICO."