More councils slapped for data protection breaches
Five more councils have breached the Data Protection Act, the Information Commissioner's Office (ICO) has announced.
The latest data breaches all relate to incidents where English local authorities failed to take appropriate steps toensure that personal information was kept secure.
Basingstoke and Deane borough council breached the Data Protection Act on four separate occasions during a two-month period last year. The breaches included an incident in May when an individual was mistakenly sent information relating to 29 people who were living in supported housing.
In July last year an employee of Brighton and Hove council emailed the details of another member of staff's personal data to 2,821 council workers. A third party also informed the ICO of a historic breach which occurred in May 2009 when an unencrypted laptop was stolen from the home of a temporary employee.
Further undertakings have also been signed by Dacorum borough council, Bolton council and Craven district council as a result of data breaches. In addition an enforcement notice has been issued to Staffordshire county council over its mishandling of a subject access request for personal data.
The ICO shows no sign of slacking in its campaign against local authorities, the main recipient of monetary penalties last year. In a statement, Information Commissioner Christopher Graham said: "At a time when councils are increasingly working with community partners, when data is shared it is vital that they uphold their legal responsibilities under the Data Protection Act. Failures not only put local residents' privacy at risk, but also mean that councils could be in line for a sizeable monetary penalty."
The announcement revealed that the commissioner has submitted a business case to the government to ask for an extension of powers to make mandatory audits of organisations.