European Data Protection Digest

ICO Finds Councils in Breach of Data Protection Act

DATA THEFT—UK

April 2, 2010

The Information Commissioner's Office (ICO) has found the St. Albans City and District Council in breach of the Data Protection Act following the theft of a laptop that contained unencrypted personal information in the form of voters' records. "When organisations store large volumes of personal details on portable computers, encryption is essential," said Sally-anne Poole of the ICO, adding that employees and contractors must be "trained to handle personal information securely to avoid the risk of information falling into the wrong hands." In a case involving the Highland Council, the ICO determined the council violated the DPA after personal data relating to several members of one family was accidentally disclosed to an unrelated individual.
Full Story