ICO Issues First Data Breach Fines
PRIVACY LAW—UKNovember 24, 2010
The Information Commissioner's Office (ICO) has levied its first monetary penalty for a data breach, fining the Hertfordshire County Council £100,000 for accidentally faxing highly sensitive information about child abuse cases to the wrong recipients. The Independent reports that the ICO determined the incidents were serious breaches of the Data Protection Act. "It is difficult to imagine information more sensitive than that," said Information Commissioner Christopher Graham, adding, "I am concerned at this breach--not least because the local authority allowed it to happen twice within two weeks." In a separate case, a £60,000 fine was imposed on A4e, an employment services company, over the theft of a laptop containing personal information on about 24,000 people.