Digital Transformation

Charity has sensitive data stolen

A data theft at a charity may have left bereaved parents vulnerable to identity fraud.

The importance of proper data protection has been underlined by an incident in which a charity had sensitive information stolen from its premises.

Thieves entered the headquarters of Sands at the Craiglockhart Leisure Centre in Lothian and stole a laptop computer and a box of keys.

Despite other valuable items being present, the culprits only took the computer, suggesting the burglary was carefully targeted.

Sands was the charity that uncovered a scandal at the nearby Mortonhall Crematorium last year, in which parents of stillborn babies were told there was nothing left of their children’s bodies following cremation.

In fact, ashes were collected and scattered at a memorial garden without the parents’ knowledge for almost half a century.

As a result of Sands’ investigation into the matter, it had collected the personal details of families affected by the controversy – and it is these that have been taken in this month’s theft.

Emails circulated between the charity and other stakeholders in the inquiry into the matter were also being stored on the computer.

Although the charity’s full client database was stored elsewhere, the information that has gone missing could be used to commit fraud or steal identities.

Sands Lothian operations manager Dorothy Maitland said: "It’s very worrying. I don’t know if they came in specifically for the laptop but the whole thing doesn’t make sense and is very strange."

The charity recently saw its workload increase significantly after it began to help parents embroiled in the scandal, but this case demonstrates the importance of taking the appropriate care of sensitive data.

If staff are too busy to cope with it, then it could be a good idea to outsource the task to a third party such as Dajon Data Management, which will ensure information is kept safely but is also easily accessible.