ICO fines charity £70,000 for losing sensitive data
Personal information about four young children was compromised.
The Information Commissioner’s Office (ICO) has fined a London charity for losing sensitive information relating to the care of four young children.
The data loss occurred on 5 December 2011 and was caused when a social worker who worked for charity Norwood Ravenswood tried to deliver information about children to the home their prospective adoptive parents.
The social worker received no response, as both occupants were out at the time, and left the reports at the side of the house. When the potential adoptive parents returned home, however, the papers were gone and have never been recovered.
The fact that the social worker had received no training on how to look after extremely sensitive information is truly staggering.
Stephen Eckersley, head of enforcement at the ICO described the incident as “entirely avoidable”.
“We have warned the charity sector that they must have thorough policies and procedures in place to keep the sensitive information they handle secure," he said in a statement.
“The children involved in this case were no more than 6 years old and now they are in a situation where their most sensitive details could be in the hands of a complete stranger. The fact that the social worker had received no training while working at the charity, on how to look after what is extremely sensitive information, is truly staggering,” Eckersley added.
A spokesperson from Norwood Ravenswood told IT Pro that this was an isolated breach of the Data Protection Act and it reported itself to the ICO after as soon as it was discovered.
"Norwood took immediate steps to tighten its procedures in line with the Act to ensure that an incident of this kind will not be repeated.”