BreachExchange mailing list archives
Halton BC fined for serious data breach
From: Erica Absetz <erica () riskbasedsecurity com>
Date: Wed, 5 Jun 2013 20:57:00 -0500
http://www.localgov.co.uk/index.cfm?method=news.detail&id=110002 Last year, the council sent a letter to the birth mother an adopted child including the details of the adoptive parents’ home address. This was subsequently passed on to the grandparents who had been trying to obtain access to the child. The investigation by the Information Commissioner’s Office (ICO) found that Halton BC failed to have a clear policy and process for checking such correspondence. Steve Eckersley, ICO head of enforcement, said: ‘It would be easy to dismiss this as a simple case of human error. The reality is that this incident happened because the organisation did not pay enough attention to how it handles vulnerable people’s sensitive information, leading to a mistake that was entirely avoidable had the right guidance and training been in place. ‘The distress this incident will have caused the people involved is obvious, and the penalty we have issued today reflects that.’ Since the incident, the council has implemented a clear checklist of requirements before such correspondence can be distributed. The ICO has previously warned there is an 'underlying problem with data protection in local government'. _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges.
Current thread:
- Halton BC fined for serious data breach Erica Absetz (Jun 06)