It’s quite a staggering statistic: 135 breaches of the Data Protection (DPA) Act by Welsh Councils in 2013: more than double the 60 breaches in 2012.
This basically means that every other day the DPA is being broken in a council in Wales. This information came to light after a Freedom of Information request by the BBC.
Nearly all councils in Wales breached the DPA last year. Breaches ranged from financial and personal information sent in error, data being lost, a failure to encrypt data and confidential papers being left on public transport.
Breathe a sigh of relief if you live in the Blaenau Gwent, Ceredigion, Neath Port Talbot, Vale of Glamorgan and Swansea areas as these councils reported no breaches last year.
Anne Jones, Assistant Information Commissioner for Wales, said: “It’s important local authorities live up to their legal responsibilities under the Data Protection Act.”
“Keeping people’s personal information secure should be hardwired into their culture as losses can seriously affect reputations and as a consequence, service delivery”.
Manage sensitive data with BS10012
So what can these councils do to better manage the confidential data they handle?
BS10012 is the British best-practice Standard that provides the specification for a Personal Information Management System (PIMS). It details the actions that organisations should take to ensure they comply with UK data protection and privacy laws.