The BBC has recently reported of numerous breaches in data protection by Local Authorities in Wales during 2012. The information was obtained following a Freedom of Information Act request.
The breaches included several cases of posting personal data to websites, a worker who allowed their partner to access and amend personal data, and an e-mail which ‘accidentally disclosed sensitive details of 24 dead people.’
In Powys council, of 17 total breaches, there are reported to have been 5 internal cases of misdirecting information, 12 cases of sending information to incorrect addresses, incorrect recording of data in correspondence, and placing personal data on the council’s website.
In Flintshire council, two committee reports were published to the website which included personal data. Additionally, there was an incident of a letter about children’s services sent to the wrong address.
Following investigation, the Information Commissioner’s Office (ICO) is reported to have said:
“It’s vital that local authorities properly live up to their legal responsibility to keep personal data secure, particularly where it is sensitive information about children and young people…
… Our concern isn’t just that councils have the right policies and procedures in place; it’s about bringing about a culture among staff whereby everyone takes their responsibilities seriously and effective data handling becomes second nature.”
Public bodies such as Local Authorities have access to vast amounts of personal information, lots of which being extremely sensitive. The manner in which that information can be accessed, processed and disclosed is governed by the Data Protection Act 1998, and could therefore amount to an unlawful breach of legislation.
By Stuart Crook, Civil Liberties Solicitor
Stephensons Solicitors LLP have a dedicated Civil Liberties and Human Rights team who may be able to advise and assist you with making a damages claim against the police or any other public body. Call us now on 0175 321 6399.