ICO hits London council with £70,000 data breach fine

The London Borough of Barnet feels watchdog's wrath after losing children's data.

Data loss folder

A London council has been hit with a 70,000 fine from the Information Commissioner's Office (ICO) following the loss of sensitive information about 15 local youngsters.

The names, addresses and sexual histories of 15 children and young people living in the London Borough of Barnet were stolen from a council worker's house during a burglary last April.

The potential for damage and distress in this case is obvious.

The thieves stole an encrypted computer and a laptop bag carrying paper records, which contained the youngsters' data.

The breach is the second time in two years the council has found itself at the centre of a data loss incident, after an unencrypted device containing personal information was stolen from another employee's home.

Following an investigation by the ICO into the latest breach, it was concluded that the council had not taken sufficient action to guard against the accidental loss of paper-based records.

In a statement the ICO said: "The council had an information security policy and some guidance for staff on handling sensitive papers, [but] the measures failed to explain how the information should be kept secure."

Simon Entwisle, director of operations at the ICO, said, following the council's earlier data breach, it was a shame that it hadn't taken more care with its residents' data.

"Barnet Council has taken action to keep the personal data they use secure, [but] it is vitally important that organisations have the correct guidance in place to keep sensitive paper records taken outside of the office safe," said Entwisle.

"This includes storing papers containing sensitive information separately from laptops."

In a statement to IT Pro, Barnet Council said it was disappointed by the ICO's decision to issue a fine.

"This data loss was the result of a criminal act where a member of staff had their house broken into and material that was under lock and key stolen," said the statement.

"The ICO also accepts that it was appropriate for the member of staff to have this material at home for this period [and] there is no evidence the material taken was misused in anyway."

Featured Resources

The definitive guide to warehouse efficiency

Get your free guide to creating efficiencies in the warehouse

Free download

The total economic impact™ of Datto

Cost savings and business benefits of using Datto Integrated Solutions

Download now

Three-step guide to modern customer experience

Support the critical role CX plays in your business

Free download

Ransomware report

The global state of the channel

Download now

Recommended

ICO launches AI risk assessment toolkit for businesses
Information Commissioner

ICO launches AI risk assessment toolkit for businesses

21 Jul 2021
What is the Information Commissioner’s Office (ICO)?
Information Commissioner

What is the Information Commissioner’s Office (ICO)?

15 Jul 2021
Researchers send “unhackable” quantum data over 370-mile optical fiber
data protection

Researchers send “unhackable” quantum data over 370-mile optical fiber

11 Jun 2021
New study shows global privacy investments increasing
data protection

New study shows global privacy investments increasing

2 Jun 2021

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Citrix mulling potential sale after tumultuous 2021
mergers and acquisitions

Citrix mulling potential sale after tumultuous 2021

15 Sep 2021
Zoom: From pandemic upstart to hybrid work giant
video conferencing

Zoom: From pandemic upstart to hybrid work giant

14 Sep 2021