Public bodies fined over data security breaches

SIX public bodies were fined over personal data security breaches in the last year despite hundreds of reported cases, a report has revealed.
By The Newsroom
Published 25th Apr 2012, 01:41 BST

One of the biggest penalties went to Midlothian Council as it was fined £140,000 for sending details on children and their carers to the wrong people five times within 12 months.

Some 281 of the 730 reported breaches were a result of human error, with e-mails being sent by mistake and documents being sent to the wrong address, figures from the Information Commissioner’s Office (ICO) showed.

Hide Ad
Hide Ad

A further 170 were due to data or hardware being stolen and another 108 were as a result of it being lost.

The figures, published by security firm ViaSat following a Freedom of Information Act request, also found 433 of the reported cases had yet to be decided.

Overall, staff in private firms appeared to be the worst offenders, accounting for more than a third (263) of reported breaches between 22 March last year and 17 February.

Healthcare providers including the NHS were responsible for 178 reported breaches, while councils and other local government organisations reported 166.

The ViaSat report said that of the 297 cases reported and resolved within the time period, just six resulted in fines.

These included Midlothian Council’s children’s social service reports.

Related topics:Midlothian CouncilNHS