About Sensitive personal information relating to 80
children was lost from a council-run nursery.
Subject: Leicester City Council breaches the
Data Protection Act
Press Release
For immediate
release
19 May 2009
Leicester City
Council breaches the Data Protection Act
Leicester City Council has signed a
formal Undertaking
outlining that it will endeavour to keep personal information secure in future.
The Information Commissioner’s Office (ICO) found Leicester City Council in
breach of the Data Protection Act after staff breached council procedures by
downloading personal information on to an unencrypted memory stick. Sensitive
personal information relating to 80 children was subsequently lost from a
council-run nursery.
By signing the Undertaking
Leicester City Council agrees to implement a number of security measures to protect
personal information more effectively. With immediate effect, the council
will improve training programmes for all staff, including contractors and
temporary staff. The council has also agreed that sufficient supervisory checks
are carried out to help ensure that staff, including contract and temporary
workers, adhere to relevant internal procedures and the requirements of the
Data Protection Act.
Mick Gorrill, Assistant Information
Commissioner at the ICO, said: “Leicester City Council has agreed to ensure
that its policies on the transfer and sharing of personal information on
portable devices are clear and compliant with the Data Protection Act.
We recognise that Leicester City
Council acted responsibly by reporting the breach to the ICO and took remedial
action. However, the council must consistently implement robust processes to
protect people’s personal information at all times.
“The Data Protection Act clearly
states that organisations must handle personal information securely. It is
alarming that since November 2007 516 data security breaches have been reported
to the ICO from organisations across the public, voluntary and private
sectors.”
Failure to meet the terms of the
Undertaking is likely to lead to further regulatory action by the ICO. A copy
of the Undertaking can be downloaded from http://www.ico.gov.uk/upload/documents/library/data_protection/notices/leicester_city_council_final_undertaking.pdf
ENDS
All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html
Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]
Any queries about sending or receiving messages please send to the list owner [log in to unmask]
(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)