British Council found in breach of Data Protection Act

The information Commissioner's office has found the British Council in breach of the Data Protection Act for losing an unencrypted disk containing personal...

The information Commissioner's office has found the British Council in breach of the Data Protection Act for losing an unencrypted disk containing personal data of more than 2,000 employees.

The disk was lost in December 2008 while being transported by a courier service employed by the British Council, which reported the data breach to the ICO.

Data on the disk included trade union membership and bank account details, which the ICO said could cause significant distress to the individuals concerned.

The British Council has acknowledged that it did not take any measures to safeguard the personal data on the disk.

The British Council has signed a formal undertaking to take reasonable measures, including disk encryption, to keep personal information safe in future.

The ICO has ordered a number of organisations to sign undertakings following breaches of the Data Protection Act.

Organisations include two NHS trusts, the Home Office, Department of Health, Foreign and Commonwealth Office and Orange Personal Communications Services.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close