European Data Protection Digest

Despite Policy, Council Loses Unencrypted Memory Stick

DATA LOSS—UK

February 25, 2011

Cambridgeshire County Council has signed a formal undertaking after an unencrypted memory stick containing personal information went missing, The Guardian reports. Though the council took steps to inform staff of its internal encryption policy and asked that unencrypted sticks were turned in, a staffer used an unencrypted stick to store personal details of at least six at-risk individuals after having trouble getting an encrypted stick to function properly. The stick was lost in November, prompting the council to inform the Information Commissioner's Office (ICO). ICO Enforcement Group Manager Sally Anne-Poole said the case "shows that organisations need to check that their data protection policies are continually followed and fully understood by staff."
Full Story