We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Printing mixup lands Council with £130,000 ICO fine

ICO to ask Ministry of Justice for new auditing powers

A print job mixup has left a Welsh council nursing the largest fine ever to be levied by the Information Commissioner for a breach of the Data Protection Act.

Powys County Council has been asked to pay £130,000 after the two pages of case notes from a child protection case were accidentally added to those of a separate case before being sent to a member of the public.

The mixup, which occurred in February this year, happened because both sets of paper notes were printed using the same shared network printer and were not checked before being sent out, the ICO said. The issue was raised with the council by the recipient - who also knew the child in question - and a complaint was filed separately by the child's mother through a local MP.

The unusually tough fine reflected the fact that the Council had been warned previously by the ICO for sending child protection data to an unintended recipient in June 2010, making the new offence the second in less than a year.

The ICO said the accumulation of cases along similar lines has convinced it of the need to ask the Ministry of Justice for new powers to audit councils and NHS organisations without their consent.

"This is the third UK council in as many weeks to receive a monetary penalty for disclosing sensitive information about vulnerable people," said ICO assistant commissioner for Wales, Anne Jones.

"It's the most serious case yet and it has attracted a record fine. The distress that this incident would have caused to the individuals involved is obvious and made worse by the fact that the breach could have been prevented if Powys County Council had acted on our original recommendations," she said.

"There is clearly an underlying problem with data protection in social services departments and we will be meeting with stakeholders from across the UK's local government sector to discuss how we can support them in addressing these problems."

ICO fines and warnings now litter the news archives with no sign of a slow-down in the number of data breach and data protection cases coming to light. This raises questions about whether the compliance regime is working effectively enough or should seek to address the deeper problems in the way public sector organisations store and handle sensitive data.

Only two weeks ago, the Big Brother Watch organisation used freedom of information requests to uncover 1,035 incidents in which public sector organisations had lost laptops and memory sticks on which sensitive data could have been stored. Only 55 of these were actually reported to the ICO.

IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model