Scottish Council to improve security after breaching the Data Protection Act
Printer friendly
The laptops contained personal details relating to approximately 1,400 individuals, including medical information. Both laptops were password protected and stored in a locked office, but they were not encrypted and no additional physical security measures were in place.
Alistair Dodds, Chief Executive of The Highland Council, has signed a formal Undertaking. By 30 September 2009 the council will ensure that portable and mobile devices containing personal data, including laptops, are encrypted. The council has also agreed to ensure that physical security measures and procedures will be adequate to prevent the theft of devices containing people's personal details.
Ken Macdonald, Assistant Information Commissioner - Scotland, said: 'The stolen laptops contained sensitive personal information, including health records. I urge all councils and their executive teams to ensure that data protection is treated as an important part of corporate governance. Safeguarding sensitive personal information must be embedded in their organisational culture. No public body can afford to take risks with personal details, least of all health records.'
Anyone who processes personal information must comply with eight principles, which make sure that personal information is:
• Fairly and lawfully processed
• Processed for limited purposes
• Adequate, relevant and not excessive
• Accurate and up to date
• Not kept for longer than is necessary
• Processed in line with your rights
• Secure
• Not transferred to other countries without adequate protection
Related links to this article:
Information Commissioner's Office
A copy of the Undertaking can be downloaded from this link
- Login or Register to comment
- Add to a social bookmarking site
Editor's Manifesto: Tales of the entirely expected
"Several weeks into the new era of Coaltiion Government and certain key themes are emerging. First up, it's clear that the battle of the 'who can get their memoirs out the door quick enough to steal a march in the revisionist history stakes' has been triumphantly won by M'Lord Mandelson (Weren't those TV ads scary – the velvet smoking jacket, the leather fireside chair, all that Brillcream! The only thing missing was the theme tune to Tales of the Unexpected and the accompanying prancing sillouette of Harriet Harman or Diane Abbott dancing!)” Read more
The Dispatch Box: Data quality and the public sector
Colin Rickard, managing director EMEA at SAS subsidiary Dataflux, argues public sector data must be of high quality if the efficiencies promised with ICT and infrastructure is to be realised.
"Tackling the public sector’s data integration and data quality challenges is a tough prospect. The challenge may require more effort than a comparative project in a large private company. Data must be governed according to a strategy that necessitates bringing interested parties together.” Read more
Innovation: A step too far in the austerity age?
Complete and enter our draw to win a free seat at the e-Government Awards. The public sector is already perceived to be lacking in innovation, but is that a fair assessment, and what role could it play in helping the government meet efficiency targets? What do people working on the frontline of ICT in public sector organisations think? Take part and share your views
James Gardner, CTO at the Department for Work and Pensions discusses his thoughts on innovation in the public and commercial sectors.
Source: K2 Advisory