European Data Protection Digest

Council Loses Data on 18,000

DATA LOSS—UK

November 11, 2011

The Information Commissioner's Office (ICO) says that Rochdale Metropolitan Borough Council breached the Data Protection Act when it lost a USB drive containing the personal information of 18,000 citizens, PC Advisor. ICO Acting Head of Enforcement Sally-Anne Poole said the office's investigation "uncovered a number of failings," adding, "This incident could have been easily avoided if adequate security measures had been in place." The data, which was unencrypted, included names, addresses and details of payments made to the council. The council had no policy for encrypting USB sticks but has now adopted one and has plans to extend it to other devices.
Full Story