This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Scottish Court Service in breach of Data Protection Act after disposing of documents in a recycling bank

Share this article:

The Scottish Court Service has been found to be in breach of the Data Protection Act after court documents were accidentally disposed of at a local recycling bank.

According to the Information Commissioner's Office (ICO), it became aware of the breach when a Scottish newspaper published details of the discovery of files containing appeal documents on 25th September 2010.

The files reportedly contained ‘sensitive personal details' and subsequent checks by the ICO found that the papers had been lost by the editor of a series of law reports and that the court service had failed to check how this individual intended to keep the information secure. 

Ken Macdonald, assistant commissioner for Scotland at the ICO, said: “People involved in court cases should be able to feel confident that their personal and sensitive information is going to be kept secure and not taken outside of the court room. Had any of the papers in this case fallen into the wrong hands, the privacy of the individuals concerned might have been threatened.

“I am pleased that the Scottish Court Service has agreed to take a more hands-on approach to deal with data sharing in such cases and that staff will be trained appropriately to avoid this from happening in the future.”

The court service has now tightened its procedures around the handling of sensitive information by its staff and other people involved in the court process. The editor of the law reports has also agreed to improve the way in which court documents that include sensitive personal details are handled.

Eleanor Emberson, chief executive of the Scottish Court Service, has signed a formal undertaking to ensure that all staff are aware of the court service's policy for the storage, use and disclosure or sharing of personal data. All staff will be appropriately trained and all parties involved in the sharing of data must sign up to a memorandum of understanding with the service.

The ICO waited almost eight months to issue the first monetary fines in 2010, with a penalty of £100,000 given to Hertfordshire County Council for ‘two serious incidents' regarding mis-sent faxes, while employment services company A4e was fined £60,000 for the loss of an unencrypted laptop that contained personal information relating to 24,000 people who had used community legal advice centres in Hull and Leicester.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Insider threat levels from ex-staffers greater than expected

Insider threat levels from ex-staffers greater than expected

A third of of ex-employees have access to company data and 9% have used their access privileges says new research.

WSJ the latest publisher to be hit by 'w0rm' hacker

WSJ the latest publisher to be hit by ...

The Wall Street Journal has become the latest US media organisation to be hacked, just days after similar attacks against Vice Media and Metro US.

Queen's website hosts controversial tracking technique

Queen's website hosts controversial tracking technique

Advertising tracking called 'canvas fingerprinting' is used on many websites and identifies unique individuals and their browsing habits and works surreptitiously.