Barnet Borough Council Fined £70,000 For Data Loss

The London Borough of Barnet has been slapped with a £70,000 fine by the Information Commissioner’s Office (ICO) after paper records containing sensitive information were stolen, along with a laptop.

The laptop was encrypted, preventing any further loss of data, but the ICO has called on the council to enact more organisational measures to prevent accidental losses occurring again and for paper records to be stored separately from computers.

Digital advantage

The loss occurred when a social worker took the paper records home in order to work on them outside of office hours. Their house was burgled in April last year and a laptop bag, which contained the records and the encrypted laptop, was taken. The papers included names, addresses, dates of birth and details of the sexual activities of 15 vulnerable children and young people.

The subsequent ICO investigation found that the council had an information security policy and had provided some guidance to its staff on handling sensitive papers, but the measures failed to explain how that information should be kept secure.

This is not the first time that Barnet has attracted the attention of the ICO. In June 2010 it signed an undertaking after an unencrypted, non-password protected USB stick containing the sensitive personal information of more than 9,000 children and their family members was stolen from the home of a council employee.

The employee had downloaded data onto the device without any authorisation in place, although it was later revealed that no training or security was in place to prevent this happening. The council introduced a paper handling policy following the incident, but this was not in place at the time of this latest loss.

“The potential for damage and distress in this case is obvious. It is therefore extremely disappointing the council had not put in place sufficient measures in time to avoid this second loss,” said Simon Entwisle, the ICO’s director of operations. “While we are pleased that Barnet Council has now taken action to keep the personal data they use secure, it is vitally important that organisations have the correct guidance in place to keep sensitive paper records taken outside of the office safe. This includes storing papers containing sensitive information separately from laptops.”

The ICO recently announced that the organisers of the London Marathon were to face an investigation after the home and email addresses of participants were accidentally posted on the event’s official website. The watchdog has had problems of its own to deal with though, after it became the target of a DDoS attack from Anonymous splinter group the ATeam.

What do you know about privacy? Find out with our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

2 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

4 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

5 hours ago

Dutch PM Raises Cyber Espionage Case With China’s Xi

Beijing visit sees Dutch Prime Minister Mark Rutte discuss cyber espionage incident with Chinese President…

5 hours ago

Vodafone Germany Confirms 2,000 Job Losses, Amid European Restructuring

More downsizing at Vodafone after German operation announces 2,000 jobs will be axed, as automation…

22 hours ago

AI Poses ‘Jobs Apocalypse’, Warns Report

IPPR report warns AI could remove almost 8 million jobs in the United Kingdom, with…

23 hours ago