A local authority which lost personal data has announced that it is appointing an officer to take charge of information management and security.

Last week, the Information Commissioner’s Office (ICO) gave Central Bedfordshire Council a “limited assurance” rating after a probe sparked by the breaches. 

The council this week said that it regretted the loss but was taking action to reduce the chances of further incidents.

In a statement, it said: “Central Bedfordshire Council takes its responsibility of looking after people’s personal data extremely seriously and our employees receive regular training and reminders around protecting personal and sensitive information.

Related content

Council told to improve data protection arrangements
Compliance in the Cloud: Be sure and secure

“We regret any breach and in these cases we have apologised to those affected and taken steps to ensure it doesn’t happen again.

“We are working positively with the Information Commissioner’s Office to look at our procedures and are acting on their feedback to make our data protection systems even more robust.”

The council said that it has introduced new policies and procedures to strengthen information security and the way it shares information, and was in the process of appointing the new information management officer.

The ICO’s audit “identified considerable scope for improvement” at the council relating to its data protection obligations.

The watchdog carried out the audit after its enforcement department was alerted to a case where the council incorrectly addressed a mailing of sensitive personal data, and a further one where it failed to redact a social worker’s personal data from a crime report.