This week the ICO has issued his largest ever fine for a breach of the Data Protection Act (DPA). Powys Council were fined £130,000 after details of a child protection case were sent to the wrong person. The recipient of the email knew the identities of the parent and child.
In a separate incident, reports from child protection cases were sent to a shared printer, and were mistakenly picked up. These incidents follow on from another breach of the DPA from Powys Council last year.
Anne Jones, the assistant commissioner for Wales, said: “This is the third UK council in as many weeks to receive a monetary penalty for disclosing sensitive information about vulnerable people. The distress that this incident would have caused to the individuals involved is obvious and made worse by the fact that the breach could have been prevented if Powys County Council had acted on our original recommendations.”
The ICO has issued a legal notice to Powys council to take immediate action to improve practices and procedures in the handling of sensitive data.
Improve your data handling with these cost-effective solutions:
The DPA Staff Awareness e-Learning course is the most cost-effective way to ensure your staff know their DPA responsibilities and how to handle sensitive information.
Ensure all your sensitive data is protected on the SafeStick. Safestick is CESG approved and features FIPS 140-2 certified hardware encryption, far stronger than software encryption. Moreover, SafeSticks are almost indestructible and can be killed remotely.
As MP Glyn Davis said of the recent DPA breaches from councils, the public sector “…can’t afford to make costly mistakes in these difficult economic times.”
Avoid huge ICO fines and improve your data handling and storage today.