Local authorities have been reminded of the need to make sure they are storing people’s personal data safely and securely.
The Council of the Isle of Scilly recently fell foul of the Data Protection Act when personal details were inadvertently emailed in an attachment.
According to the Information Commissioner’s Office (ICO), the person responsible for sending the email had been familiar with the information governance implications of sending this type of data in such a way.
However, the regulator said no formal data protection training had generally been offered to employees at the council.
Another security lapse occurred several months later when documents regarding an investigation into a former head teacher’s conduct were accidentally made public.
This occurred because the documents had not been encrypted or password-protected when they were sent to non-corporate email accounts.
An ICO investigation pointed out that the council believed various people and organisations had legitimately been entitled to receive the information.
However, it said there were weaknesses concerning how the documents were distributed, as it meant the data contained within them could not be effectively controlled.
Stephen Eckersley, head of enforcement at the ICO, commented: “Personal data must be handled securely and safely.
“The council has failed to do so and must now make immediate changes.”
This comes shortly after the ICO confirmed it intends to implement new guidelines for businesses on the safe management of big data.
David Smith, deputy commissioner of the watchdog, was quoted by CSO Online as saying that effective protection for consumer data must be at the heart of all business practices.
Data breaches can pose a significant danger to an organisation’s reputation, while it could also be hit with hefty fines and enforcement measures if it falls foul of the law.
Complex data recovery requires expertise. Speak to the data recovery industry pioneers at Kroll Ontrack for free advice to investigate options to recover from any data loss type, system or cause.