RSS Alerts

Related Links

Related Stories

  • ISACA welcomes strengthening of UK penalties on data breaches
    ISACA, the not-for profit international association of 86 000 IT security, audit and governance professionals, has welcomed news that the UK government has beefed up the penalties the Information Commissioner's Office (ICO) can impose on errant companies causing major data breaches.
  • ICO to make data protection compliance easier
    The Information Commissioner’s Office (ICO) has released a new guide on data protection containing practical advice on data protection compliance. New Information Commissioner Christopher Graham also talked to Infosecurity on the challenges facing ICO.
  • ICO seeks to place a value on privacy protection
    The Information Commissioner's Office (ICO) has appointed Watson Hall and John Leach Information Security (JLIS) to undertake a three-month research project with the aim of producing a comprehensive business case for investing in proactive privacy protection.
  • ISACA backs power increase for Information Commissioner
    ISACA, the not-for-profit organisation that seeks to encourage best practice in the IT security industry, has given the `thumbs up' to plans to significantly increase the powers of the Information Commissioner's Office (ICO) later this year.
  • US standards drive Canadian information security
    An absence of legislation and the presence of the laissez-faire attitude has resulted in Canada being rather lax when it comes to information security compliance. Robin Arnfield looks at how US standards are driving the Canadian information security marketplace

News

Social work records found in council's second-hand filing cabinet, according to ICO

22 January 2010

The Information Commissioner's Office (ICO) says it has found Lancashire County Council in breach of the Data Protection Act after social work records containing sensitive personal data were found in a filing cabinet purchased second-hand by a member of the public.

The social work records were reportedly duplicates of documents held in the council's offices and had apparently been used by a social worker during active casework duties. According to the ICO the files contained an extensive amount of personal data including information about the ethnicity, religious beliefs and physical or mental health conditions of individuals. In one instance, says the ICO, the data provided an almost complete picture of the individual's life.

Ged Fitzgerald, the council's chief executive, has signed an undertaking with the ICO promising to implement a formal written procedure for the removal or disposal of any office furniture or equipment. The ICO says that the undertaking also requires staff to be made aware of the council's policies for the storage, use and disposal of personal information and for the appropriate training to be provided.

Sally-Anne Poole, the ICO's head of enforcement, said that this incident highlights the importance of having the necessary safeguards in place to ensure personal information is disposed of securely. "Organisations need to have the appropriate policies in place and staff need to be aware of these policies to ensure personal information is stored securely," she said. "I am pleased that Lancashire County Council is taking action to prevent a similar situation occurring in the future," she added.

 

This article is featured in:
Data Loss

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water