A Welsh council has been criticised for leaving sensitive personal information on their website for 11 years.
Documents containing people's names, addresses and medical conditions have been available on Ceredigion Council’s website since 2007 when the breach was first reported.
The private documents were listed as attachments to the council's cabinet papers from meetings held in 2004.
The local authority removed the documents last Friday and has referred itself to the Information Commissioner's Office (ICO).
‘The council wishes to apologise for this error and there is an ongoing investigation into the exempt information that was available online and measures are being put into place to improve the system,’ said a council spokesperson.
‘The council has also made a self-referral to the ICO. The outcome of the investigation will be presented to councillors when investigation is complete.’