Mark Whitehead 01 September 2017

County fined £70,000 for 'serious and prolonged' data breach

Nottinghamshire County Council has apologised for leaving vulnerable people’s personal information exposed online after being fined £70,000 by data protection watchdogs.

It admitted that leaving the gender, addresses, postcodes and care requirements of elderly and disabled people in an online directory which had no basic security or access restrictions such as a username or password was a mistake.

A member of the public raised the alarm after realising they could access and view the data without logging in and worried it could be used by criminals to target vulnerable people.

Information Commissioner’s Office head of enforcement Steve Eckersley said it had been a 'serious and prolonged' breach of the Data Protection Act.

'For no good reason, the council overlooked the need to put robust measures in place to protect people’s personal information, despite having the financial and staffing resources available.

'Given the sensitive nature of the personal data and the vulnerability of the people involved, this was totally unacceptable and inexcusable.'

Caroline Baria, the council's adult social care service director, said: 'Nottinghamshire County Council takes its responsibility for data security extremely seriously so we are very sorry that this error occurred and wholeheartedly accept the information commissioner’s findings.

'As soon as this matter came to our attention we removed the home care directory from the internet and reported the incident to the commissioner.

'At the time the directory included partial addresses and a brief outline of the care needs of 81 people who have required home care services, but the information did not contain any names or house numbers.

'A full review of procedures has been carried out and we are now using a different system for home care providers outside of the internet.'

SIGN UP
For your free daily news bulletin
Highways jobs

Solicitor/ Barrister / Chartered Legal Executive Commercial & Contracts (x2)

Warwickshire County Council
£50,856 to £57,083 per annum
Warwickshire Legal Services (WLS) are looking for two qualified lawyers to join their award-winning, motivated, and nationally recognised legal team. Warwick
Recuriter: Warwickshire County Council

Head of Finance and Deputy s151 Officer

Conwy County Borough Council
£77,153 - £88,545
We are looking for an experienced and strategic financial leader who can operate confidently in a complex, political and fast-changing environment. Colwyn Bay, Conwy
Recuriter: Conwy County Borough Council

ICT Engineer Digital Squad

Durham County Council
£35,412 to £39,152 p.a. (Pay Award Pending)
An exciting opportunity has arisen within the Microsoft 365 Team for an ICT Engineer (Microsoft 365). This role will support Durham County Council's B Durham
Recuriter: Durham County Council

Storekeeper Driver

Durham County Council
£26,403 - £28,598
An opportunity has come up in Highways Services for a Storekeeper/Driver.  They will assist the Stores Supervisor in delivering a customer focussed St Durham
Recuriter: Durham County Council

Care Support

Durham County Council
Grade 4 £25,583 - £26,824 (pay award pending)
We're recruiting to a permanent role within our Pathways Service, which delivers day services to adults with complex needs, Monday to Friday. There i Durham
Recuriter: Durham County Council
Linkedin Banner