A teachers union has been slapped on the wrist by the Information Commissioner's Office after it lost a laptop and memory stick holding data on over 6,000 of its members.
The devices held "sensitive personal data" - though none of it was financial - on 6,282 of the The Association of Teachers and Lecturers (ATL) union's members.
ATL has been ordered by the ICO to encrypt all its portable devices after the unencrypted laptop and stick went missing from the car of one of its staff members.
Aside from being forced to encrypt such devices, the ATL must also review its data policies, ban users from storing personal data on memory sticks, and better educate staff.
Sally Anne-Poole, head of enforcement at the ICO, said: "I encourage organisations to prevent staff from downloading large amounts of personal data."
"It is vital that portable devices, including laptops and memory sticks are encrypted if they are used to store personal information," she added in a statement. "Staff members should not be allowed to keep people's personal details, especially sensitive personal information, on their own memory sticks."
The ICO has pushed for the ability to fine organisations up to 500,000 for data breaches, but at the moment tends to just require data storage changes to prevent losses from reoccurring.
