We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Councils reprimanded over data loss

Basingstoke and Brighton among the authorities named

Five councils have been warned by the Information Commissioner over Data Protection Act breaches that led to the disclosure of personal information.

The local authorities were named and shamed by Information Commissioner Christopher Graham, who spoke of the potential "detrimental impact" of information breaches on the individuals affected and reminded councils throughout the country they face large fines if found guilty of violating the Data Protection Act.

Among the list of wrong-doers was Basingstoke and Dean Borough Council, which broke information legislation on four separate occasions in a two month period in 2011.

This included an incident in May last year when an individual was erroneously sent information regarding 29 people in supported housing. This is not the first time the council has found itself in the spotlight for such offences: in 2009 a spreadsheet of more than 2,000 applicants for council jobs was mistakenly made available to internet users.

In July 2011 an error by a council employee of Brighton and Hove Council resulted in the details of another member of staff's personal data being sent by email to 2,821 council workers. Two years earlier an unencrypted laptop had been stolen from the home of a temporary employee of the same authority.

Both councils have committed to introduce measures ensuring data is handled in compliance with the Act.

Other authorities that signed have undertakings to ensure compliance are Dacorum Borough Council, Bolton Council and Craven District Council. An enforcement notice been issued to Staffordshire County Council over its mishandling of a subject access request.

Information Commissioner Christopher Graham said: "At a time when councils are increasingly working with community partners, when data is shared it is vital that they uphold their legal responsibilities under the Data Protection Act. Failures not only put local residents' privacy at risk, but also mean that councils could be in line for a sizeable monetary penalty."

The announcement comes a day after the news that the personal data of hundreds of Medway Council workers was posted online for two hours. Diagnostic Health Solutions, which was employed to monitor absenteeism, claims it was the victim of theft however in light of the incident the council terminated its contract for an "unacceptable data breach".

In November 2011 civil liberties and privacy group Big Brother Watch published a report on the extent of the loss of personal data by local authorities. Freedom of information requests revealed how between 2008 and 2011, 132 authorities lost sensitive information in 1035 separate incidents.

Buckinghamshire County Council headed the list of offenders with a total of 72 incidents. In one stand-out incident, a member of staff from Birmingham City Council lost a USB stick containing the personal details of 64,000 council tenants.

IDG UK Sites

Spotify launches on PS4 as Tidal arrives on Sonos: It's Tidal vs Spotify music streaming

IDG UK Sites

It's World Backup Day 2015! Don't wait another minute: back up now

IDG UK Sites

Adobe Comp CC iPad app review

IDG UK Sites

April Fool's Day pranks: play these geeky pranks on April Fools Day and fool your friends