IT Security: DPA Fines Issued

Hertfordshire County Council is one of two bodies fined by the Information Commissioner. The fine related to details of a child sex abuse that were faxed to a member of the public and totalled £100,000.

Meanwhiile, Sheffield-based A4e was fined £60,000 for losing an unencrypted laptop containing the personal details of thousands of people.

The Commissioner said that these fines, the first of their kind, would "send a strong message" to those with data-handling responsibilities.

Hertfordshire County Council's breaches occurred when staff in their childcare litigation department sent two faxes to the wrong people on two different occasions. The Council reported both breaches to the Information Commissioner's Office.

The second fax, sent two weeks after the first, contained information relating to the care proceedings of three children, the previous convictions of the two individuals, domestic violence records and staff's opinions on the cases.

A recent survey found that four out of five people want to see the introduction of a law which would force companies to publicly declare any data breaches. This kind of legislation currently exists in the United States but in the UK, declaring is currently voluntary. The survey was conducted for data management company Logrhythm by Onepoll. Five thousand people were asked the question.

IT Security & Communications Manager

Follow me on Twitter

ARM

Share / Bookmark Subscribe to this post's comments using RSS