Plymouth City Council is criticised over data protection
THE Information Commissioner's Office (ICO) has criticised councils' attitude towards protecting personal data, after local authorities – including Plymouth City Council – were fined for revealing private information.
Plymouth City Council was served a monetary penalty of £60,000, Devon County Council £90,000 and Leeds City Council £95,000 after separate incidents saw details of child care cases sent to the wrong recipients
-
The penalties mean that 19 local councils have now received monetary penalties for breaching the Data Protection Act, totalling £1,885,000.
The breach at Plymouth City Council saw information passed to the wrong recipient, including highly sensitive personal information about two parents and four children.
Business Cards From Only £10.95 Delivered www.myprint-247.co.uk
View detailsOur heavyweight cards have FREE UV silk coating, FREE next day delivery & VAT included. Choose from 1000's of pre-designed templates or upload your own artwork. Orders dispatched within 24hrs.
Terms: Visit our site for more products: Business Cards, Compliment Slips, Letterheads, Leaflets, Postcards, Posters & much more. All items are free next day delivery. www.myprint-247.co.uk
Contact: 01858 468192
Valid until: Friday, May 31 2013
The breach occurred when two reports about separate child neglect cases were sent to the same shared printer. Three pages from the first report were mistakenly collected with the papers from the second case, and so were handed to the wrong family.
In Devon, a social worker used a previous case as a template for an adoption panel report they were writing, but a copy of the old report was sent out instead of the new one. The mistake revealed personal data of 22 people, including details of alleged criminal offences and mental and physical health.
Information Commissioner Christopher Graham said: "It would be far too easy to consider these breaches as simple human error. The reality is that they are caused by councils treating sensitive personal data in the same routine way they would deal with more general correspondence. Far too often in these cases, the councils do not appear to have acknowledged that the data they are handling is about real people, and often the more vulnerable members of society."
"There is clearly an underlying problem with data protection in local government and we will be meeting with stakeholders from across the sector to discuss how we can support them in addressing these problems."
The ICO is pressing the Ministry of Justice for stronger powers to audit local councils' data protection compliance. The same powers are sought for NHS bodies across the UK following a series of data protection breaches in the health sector.
A Plymouth City Council spokeswoman said: "The breach occurred a year ago because three pages of information were collected from a printer in error together with another document. It was given to a client in an envelope by a social worker. It was later reported by the client and immediate action was taken to manage the situation.
"In line with guidance, the incident was reported to the Information Commissioner's Office. The three pages were quickly recovered and destroyed, both clients were spoken with about the incident and our sincerest apologies were offered.
"Practical steps to prevent a similar situation happening again were taken."
By paying early, the council cut its fine to £48,000.
Comments
by GAWker
Tuesday, December 18 2012, 2:24PM
“Look at Pleb gate or Gate gate and who said what to who and what was leaked to the press and the Leveson report and how much information the press got from the police or other sector sources.
May's Snooper's Charter which was being pushed for by Labour before the election will lead to more people having more access to more information on even more people. Data breaches and the ICO fines, if they continue, will just increase. If the authorities really need the information they can already get it. How many people can resist using extra power when given it just because they can?”
by technomanic
Tuesday, December 18 2012, 11:31AM
“The apparent failing in treating confidential data with the great care that should be applied to all sensitive data being held by any public authority shows a complete lack of respect for forced to pay poll tax payers. The necessity for keeping problematic sensitive data by local authorities should be also investigated. Just how much sensitive data is being held with out the need or knowledge of the data subjects is urgently needed to curb "Big Brother" style data repositories. Councils are paid for by poll tax payers to provide services in our name. They are not there to collect personal data on the people who pay their salaries. Any department that is collecting sensitive personal data, should not be under local authority control. Simples ! Until that changes, then expect more data scandals.
Of course, tax payers paying fines for abuse of sensitive data by public organisations is a complete farce. It's just as bad as the IPCC passing complaints made about policing back to police officers to investigate themselves. There is no incentive to address concerns, because there is rare deterrent punishment of those in office who mess up and get things badly wrong.
Completely farcical by any moral standard.”
by Oldgrump
Tuesday, December 18 2012, 9:41AM
“As usual it will be the taxpayers who will pick up this bill and not the idiotic, incompetent and otherwise unemployable penpushers. If they were made to pay for their stupidity perhaps they may do the job properly.”
by trudie2010
Tuesday, December 18 2012, 8:04AM
“Let's hope things are checked before they go out now, I doubt it though.”