Security Technology News - July 2010
Councils Breach Data Protection Act
Posted by Security Technology News's UK Correspondent on 09/07/2010 - 15:20:00
Three UK councils have breached the Data Protection Act after losing the personal details of thousands of children.
The Information Commissioner's Office (ICO) said the London Borough of Barnet, West Sussex County Council and Buckinghamshire County Council had shown a "poor regard" for protecting confidential information.
Sally-Anne Poole, enforcement group manager at the ICO, said the cases highlighted a lack of awareness about data security and poor training standards. She said: "It is essential that councils ensure the correct preventative safeguards are in place when storing and transferring personal information, especially when it concerns sensitive information relating to children. A lack of awareness and training in data protection requirements can lead to personal information falling into the wrong hands."
Councils Data Breaches
The ICO detailed the data lost by the councils. Barnet lost information about more than 9,000 children after unencrypted CDs and a memory stick were stolen from the home of a member of staff who had downloaded the data without permission. The employee had received no training about data handling and no procedures were in place that would have prevented an unauthorised download taking place, according to the ICO.
West Sussex lost information about an unknown number of children and families after an unencrypted laptop was stolen from the home of a member of staff. Here again, the employee concerned had not received proper data protection or IT security training. The ICO said 2,300 unencrypted laptops were thought to be in use by the council. Lastly, a Buckinghamshire social work employee lost personal data, contained in a plastic wallet, about two children at Heathrow airport.
Council Data Losses
These are just the latest cases of the ICO investigating data losses at councils. West Berkshire Council was last month found in breach of the Data Protection Act after losing USB memory sticks containing the information of disabled children and young people. Highland Council, St Alban's City and District Council, Wigan Council and Warwickshire Council have all this year found themselves being investigated by the ICO.
The ICO said the three latest incidents are particularly concerning because they involved the details of children, and because there was a lack of training in data protection that led to two of the incidents occurring. The ICO has requested the three councils sign a formal undertaking that they will make their staff aware about data protection and policy on data storage and use. Barnet and West Sussex are to give their staff training on data protection and IT security, while Barnet - which had received a warning about data policy before, faces an audit before next April.
Companies providing Data Security
Companies providing IT Security
Recently Added News
250 nations' webcam footage streamed on Russian website which authorities in the UK and elsewhere now want shut down with immediate effect.
It's claimed that for the past seven years, aircraft carrying fake mobile phone towers have been gathering user data while flying over the United States.
Interpol have found that foreigners hoping to join IS and similar organisations are routinely travelling to Turkey and other countries aboard cruise ships.
India, warned that Calcutta might come under attack by terrorists, moves two of its docked warships just days after a bombing incident near the border with Paki...