This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Cryptzone: councils' ICO fines could have been avoided

Share this article:

Fines issued this week to two county councils for email mistakes have been described as avoidable.

As reported by SC Magazine on Monday, North Somerset Council and Worcestershire County Council were fined for ‘serious email errors'.

At North Somerset Council, an employee sent five emails, two of which contained highly sensitive and confidential information about a child's serious case review, to the wrong NHS employee. It was served with a penalty of £60,000 for a serious breach of the Data Protection Act.

At Worcestershire County Council, highly sensitive personal information about a large number of vulnerable people was sent to 23 unintended recipients. The Information Commissioner's Office has served a penalty of £80,000 to the council.

Grant Taylor, vice-president of Cryptzone, said the reasons for the fines were understandable, and claimed such action would be unnecessary if councils had the right security controls in place and took action following policy violations.

He said he hoped the penalties would send a clear message not just to those working in the social care and allied sectors, but any organisation dealing with sensitive personal information.

Taylor said: “There really is too much of this sort of thing going on across local government and allied agencies. People who handle highly sensitive personal information need to understand the real weight of responsibility that comes with keeping that data secure.

"The bottom line here is that the information commissioner takes this sloppiness seriously, and so should you. We've had more than 18 months of warnings against public sector bodies and that approach has not worked; monetary penalties are a regrettable measure of last resort.”

Share this article:
close

Next Article in News

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

VC cyber security funding tops £850 million

VC cyber security funding tops £850 million

A new study from US-based research firm CBI Insights reveals that corporate cyber security investments have risen five-fold since 2009, with 30 percent growth in the last year alone.

Russian/Chinese cyber-security pact raises concerns

Russian/Chinese cyber-security pact raises concerns

News that Russia and China are set to sign a cyber-security treaty next month have left Western cyber experts unsure whether it is a threat or a promising development.

UK police arrest trio over £1.6 million cyber theft from cash machines

UK police arrest trio over £1.6 million cyber ...

London Police have arrested three suspected members of an Eastern European cyber-crime gang who installed malware on more than 50 bank ATM machines across the UK to steal £1.6 million.