Mark Whitehead 01 September 2017

County fined £70,000 for 'serious and prolonged' data breach

Nottinghamshire County Council has apologised for leaving vulnerable people’s personal information exposed online after being fined £70,000 by data protection watchdogs.

It admitted that leaving the gender, addresses, postcodes and care requirements of elderly and disabled people in an online directory which had no basic security or access restrictions such as a username or password was a mistake.

A member of the public raised the alarm after realising they could access and view the data without logging in and worried it could be used by criminals to target vulnerable people.

Information Commissioner’s Office head of enforcement Steve Eckersley said it had been a 'serious and prolonged' breach of the Data Protection Act.

'For no good reason, the council overlooked the need to put robust measures in place to protect people’s personal information, despite having the financial and staffing resources available.

'Given the sensitive nature of the personal data and the vulnerability of the people involved, this was totally unacceptable and inexcusable.'

Caroline Baria, the council's adult social care service director, said: 'Nottinghamshire County Council takes its responsibility for data security extremely seriously so we are very sorry that this error occurred and wholeheartedly accept the information commissioner’s findings.

'As soon as this matter came to our attention we removed the home care directory from the internet and reported the incident to the commissioner.

'At the time the directory included partial addresses and a brief outline of the care needs of 81 people who have required home care services, but the information did not contain any names or house numbers.

'A full review of procedures has been carried out and we are now using a different system for home care providers outside of the internet.'

SIGN UP
For your free daily news bulletin
Highways jobs

Finance Business Partner

West Northamptonshire Council
£49587 to £52860
Are you ready to take on a role where your financial expertise makes a real difference? We’re looking for a motivated and commercially minded Finance Business Partner to join our team, with a focus on housing and temporary accommodation. This opportunit Northampton
Recuriter: West Northamptonshire Council

Senior HR Adviser

Royal Borough of Greenwich
PO4 - £47,532 to £50,574
We’re entering an exciting new chapter. Greenwich, London (Greater)
Recuriter: Royal Borough of Greenwich

Customer Service Officer

Sandwell Metropolitan Borough Council
Band C SCP 5-8 (£25,583- £26,824 per annum)
We are looking to recruit for a Customer Service Officer to join an established team at Sandwell Libraries Sandwell, West Midlands
Recuriter: Sandwell Metropolitan Borough Council

BCF Lead Projects Officer

Sandwell Metropolitan Borough Council
Band F, SCP26 - 31 (£37,280 - £41,771) per annum
Are you passionate about empowering vulnerable adults and helping them lead independent, safe, and dignified lives? Sandwell, West Midlands
Recuriter: Sandwell Metropolitan Borough Council

Senior Cleansing Technician x 2 Posts (CDC)

City Of Doncaster Council
Grade 6, £25,989 - £28,142
Do you enjoy working outside, as part of a team that make a direct difference to the communities of Doncaster? Doncaster, South Yorkshire
Recuriter: City Of Doncaster Council
Linkedin Banner