Leicester Council one of many who break the DPA

June 3, 2009

Leicester City Council signed an undertaking today that signifies its future efforts to secure personal information, after it was found to have breached the Data Protection Act by allowing personal information to be transferred on an unencrypted memory stick, comprising the personal information of 80 nursery children.

While this act may seem unforgivable, Leicester City Council is not alone, as a recent study conducted by BSI reported that one in five businesses report accidentally breaching the Data Protection Act.

Even more shocking, half of the businesses who report breaking the DPA admitted to breaking protocol on more than one occasion.

Part of the reason for the high amount of breaches may be that 18% of the businesses surveyed were not sure whether they had breached the DPA or not, as they do not have a department that maintains the security of their clients’ information.

In fact, out of the entire group of businesses surveyed by the BSI, 65% reported they do not have data protection training measures in place for staff and 15% are sure their data practices do not meet the DPA standards.

Leicester City Council is attempting to mend their breach by signing a contract to implement new data security measures and provide training to staff as well as background checks on all future staffing positions.


Comments in chronological order (0 comments)

  1. Stuart Hodkinson, UK General Manager, Courion says:

    It’s no wonder that almost one in five businesses in the UK has breached the Data Protection Act (DPA) at least once, in fact in reality it is probably more than that. Recent research we have undertaken ourselves shows how a large proportion of IT managers are largely unaware of which employees have access to which systems. If you don’t know who has access to your system that how do you know that you are plugging all the potential holes? The time for over confidence has passed. It is important for IT Managers to start undertaking regular audits of their systems, ensuring that employees have access to only the information they need to do their jobs. Otherwise the DPA will continue to be breached, whether accidently or through malicious intent.

Post a comment

Your email address will not be published. Required fields are marked *

Visited 1078 times, 1 so far today