mailing list archives
Halton BC fined for serious data breach
From: Erica Absetz <erica () riskbasedsecurity com>
Date: Wed, 5 Jun 2013 20:57:00 -0500
Last year, the council sent a letter to the birth mother an adopted
child including the details of the adoptive parents’ home address.
This was subsequently passed on to the grandparents who had been
trying to obtain access to the child.
The investigation by the Information Commissioner’s Office (ICO) found
that Halton BC failed to have a clear policy and process for checking
Steve Eckersley, ICO head of enforcement, said: ‘It would be easy to
dismiss this as a simple case of human error. The reality is that this
incident happened because the organisation did not pay enough
attention to how it handles vulnerable people’s sensitive information,
leading to a mistake that was entirely avoidable had the right
guidance and training been in place.
‘The distress this incident will have caused the people involved is
obvious, and the penalty we have issued today reflects that.’
Since the incident, the council has implemented a clear checklist of
requirements before such correspondence can be distributed.
The ICO has previously warned there is an 'underlying problem with
data protection in local government'.
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list
Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
- Halton BC fined for serious data breach Erica Absetz (Jun 06)