ICO slaps £120,000 fine on Surrey council for data breaches

Darren Allan

June 10, 2011

Surrey council has been hit with a heavy fine from the ICO (Information Commissioner’s Office).

The council was handed the large penalty because it managed to drop the data ball on three separate occasions, with two breaches suffered last year and one in January of this year.

The first was the most serious spillage, when in May 2010 the personal details relating to the health of 241 vulnerable individuals were emailed to the wrong group email address.

Information Commissioner Christopher Graham said that this disaster was compounded when the council clearly hadn’t learned its lesson from this episode, managing to misdirect another email in June 2010, containing unencrypted personal information on further folks.

And then in January 2011 another email went astray, although this time just an internal one.

Graham handed out the £120,000 fine, noting: “This significant penalty fully reflects the seriousness of the case.”

He continued: “Any organisation handling sensitive information must have appropriate levels of security in place. Surrey County Council has paid the price for their failings and this case should act as a warning to others that lax data protection practices will not be tolerated.”

Since the incidents, Surrey council has taken action to improve its security policies, including the development of an early warning system which lets staff know when sensitive information is being sent to an external email address.

Staff have undergone further IT training, too, perhaps being schooled in actually looking at the names listed in that funny little window with “To” next to it before they click “Send”.






 

Comments in chronological order (1 comment)

  1. Shadow says:

    I really don’t see the point in ‘fining’ a council. How exactly does that help? It only removes money from the pot.

    What SHOULD be done is 15% pay cut to top brass for 6 months.

Post a comment

Your email address will not be published. Required fields are marked *

Visited 1872 times, 1 so far today