Employmentbuddy - Your best buddy in human resources

Council fined £150,000 for a failure to redact sensitive personal data

16 June 2017 #Data Protection

Basildon Borough Council have been given a £150,000 fine by the Information Commissioner, after a statement in support of a householder’s planning application was published online in full without redacting personal data.

The statement had contained sensitive information about a family’s disability requirements including mental health issues, as well as all their names, ages and addresses. It had been posted by an inexperienced council officer who failed to notice the personal information and there was no procedure requiring a second person to check if redaction was required before publishing. The information stayed on line for almost two months before being removed.

The ICO found that, contrary to the Data Protection Act (DPA), the council had failed to take appropriate organisational measures against the unauthorised processing of personal data and made it clear there was no exemption for planning and instead felt the controversial and emotive nature of planning cases made the breach worse.

The size of fine reflected the council’s lack of robust procedures to safeguard data and is a warning to all organisations that publish information online that exemptions from the DPA are very limited. Without well thought out procedures and training for staff on data protection, organisations risk facing a similar fine.

Clarkslegal are running a “Getting to Grips with Data Protection” series of webinars, starting on Monday 19 June with a free webinar to address the basic concepts and key principles of data protection. Sign up is free and can be found here.

Comments

Be the first to comment on this blog.


Leave your comments
Your comments will be published after being approved by employmentbuddy team, displaying your name as you provide it. But your contact details will never be published. Please read our terms and conditions.


Michael Hibberd

Michael Hibberd
Solicitor

E: mhibberd@clarkslegal.com
T: 0118 953 3905
M: 0779 900 7511