Home page logo

dataloss logo Data Loss mailing list archives

Halton BC fined for serious data breach
From: Erica Absetz <erica () riskbasedsecurity com>
Date: Wed, 5 Jun 2013 20:57:00 -0500


Last year, the council sent a letter to the birth mother an adopted
child including the details of the adoptive parents’ home address.
This was subsequently passed on to the grandparents who had been
trying to obtain access to the child.

The investigation by the Information Commissioner’s Office (ICO) found
that Halton BC failed to have a clear policy and process for checking
such correspondence.

Steve Eckersley, ICO head of enforcement, said: ‘It would be easy to
dismiss this as a simple case of human error. The reality is that this
incident happened because the organisation did not pay enough
attention to how it handles vulnerable people’s sensitive information,
leading to a mistake that was entirely avoidable had the right
guidance and training been in place.

‘The distress this incident will have caused the people involved is
obvious, and the penalty we have issued today reflects that.’

Since the incident, the council has implemented a clear checklist of
requirements before such correspondence can be distributed.

The ICO has previously warned there is an 'underlying problem with
data protection in local government'.
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list


Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

  By Date           By Thread  

Current thread:
  • Halton BC fined for serious data breach Erica Absetz (Jun 06)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]