A Birmingham City Council-owned company has been reprimanded following a data breach that saw the personal information of a child disclosed to another family.
Birmingham Children's Trust Community Interest Company was working with two families when a child protection plan containing personal information and criminal allegations relating to a child from one family was sent to the other family.
An investigation by the Information Commissioners Office (ICO) found that the company did not have appropriate policies or sufficient practical guidance in place to ensure the security of personal information.
Sally-Anne Poole, head of investigations at the ICO, said: ‘Children’s personal information requires extra protection and must be handled with great care. This disclosure of personal information by social workers at Birmingham Children's Trust Community Interest Company was a violation of privacy that would have caused distress to both the child and their family.’
A Birmingham Children’s Trust spokesperson said: ‘We have carefully considered the ICO recommendations and have taken steps to help prevent such an occurrence from happening again. We are continuing to monitor this area of activity, and we are also working on broader procedural changes to further help protect the personal data we work with.’