Leicester City Council facing ICO investigation

gallery

Leicester City Council could be hit by an Information Commissioner’s Office (ICO) fine after losing data on 4,000 elderly and vulnerable people.

LeicesterCare, the council's service which supports vulnerable city residents, lost a USB stick containing medical information and home security codes, according to a report from the Leicester Mercury.

The ICO, which has the power to fine organisations up to £500,000, confirmed to IT PRO it was looking into the case and would be making inquiries.

A spokesperson for the council said it was investigating the “possible loss of a data device,” adding there was no reason to suspect the information had been removed deliberately.

“However, whilst we have been assured by our supplier that the information on the device is not accessible to anyone who may find it, we are taking every precaution to maintain the security of our LeicesterCare users,” the spokesperson added.

“So, as a precaution, we are urgently carrying out changes to the keysafe codes of around 2,000 users. We began this programme last week and will have completed all of the code changes by Friday.”

The memory stick was not supposed to leave the council’s premises, and the local authority believed the device could be missing within the building.

Terry Greer-King, Check Point UK managing director, said it was positive the council had taken steps to ensure the sensitive data was not accessible to outside parties.

However, many councils have been guilty of not adding such layers of security, leaving the Leicester body in "the minority,” Greer-King said.

“There’s still a big security gap to be bridged, even though automated data encryption is easily deployed so that employees cannot work around or disable the protection,” he added.

Last week, the ICO confirmed it would be investigating a security breach at the University of York, when 148 individual student records were accessed.

Email to a friend

Print this page