Backup and Storage

ICO to meet local authorities to discuss data protection

The Information Commissioner’s Office hopes to reduce data breaches at local councils.

The Information Commissioner’s Office (ICO) has revealed that it is set to meet local authority leaders in a bid to strengthen up data protection following a series of breaches.

It recently served four separate councils with civil monetary penalty notices after they broke rules relating to the Data Protection Act, OutLaw reports.

The organisations that received fines were Leeds City Council, Plymouth City Council, Devon County Council and the London Borough of Lewisham, but the ICO pointed out that this could represent part of a wider issue with management all over the UK.

Information Commissioner Christopher Graham said: "There is clearly an underlying problem with data protection in local government and we will be meeting with stakeholders from across the sector to discuss how we can support them in addressing these problems."

One breach saw the file of a child in care get sent to the wrong person – it contained his truancy records, information on his mother and details of criminal offences.

Another resulted in information on child neglect getting sent to the wrong person, while a social worker also left a folder containing extremely sensitive information in a bag on a train.

The Data Protection Act states that authorities and businesses must put in place "appropriate technical and organisational measures" to protect personal data "against accidental loss or destruction".

However, Mr Graham said the councils had failed "to have the most straightforward of procedures in place".

"It would be far too easy to consider these breaches as simple human error. The reality is that they are caused by councils treating sensitive personal data in the same routine way they would deal with more general correspondence," he added.

The ICO hopes the meetings will stop other people suffering as a result of data protection breaches.

It comes after Greater Manchester Police was fined £120,000 when a USB stick containing the details of more than one thousand people under criminal investigation was taken from an officer’s home.

Such security breaches can be avoided with electronic document storage kept in the cloud.