Laptop theft leads information watchdog to act against Scottish council

Written by Colin Marrs on 3 May 2016 in News
News

The information watchdog has threatened a council with court action unless it implements data protection training and guidance.

West Dunbartonshire Council has been repeatedly warned by the Information Commissioner’s Office about introducing staff training, and has been advised to put in place a policy around home working.

However, its failure to do so has been linked to an incident where details of an adoption case were lost after an employee had a laptop and paperwork stolen from their car overnight.


Related content

Department for Education axes school spelling test after it was leaked online
Cybersecurity in the Government: Managing the ongoing challenge of insider threats


Ken Macdonald, assistant information commissioner for Scotland, said: “Time and time again we have told this council to make these changes, and yet they have still not completed everything we set out. We’ve been left with no choice but to issue this formal notice requiring them to act.

“Let’s be clear, what we’re asking for here is a basic requirement for an organisation that is trusted with large amounts of local people’s personal data. When people in Dunbartonshire provide the council with their details, they expect staff are trained to handle this information properly.

“Unfortunately, more than three years after this was made clear to the council, this still hasn’t happened.”

The ICO carried out an audit of the council in January 2013 which gave a reasonable assurance of the council’s compliance with the law, but recommended areas needing improvement.

However, a follow-up audit in November that year found that some recommendations had still not been implemented.

When the laptop and paperwork were stolen in July 2014, it turned out that the employee had not been given training on the Data Protection Act. However, the council avoided a fine at that time because the breach did not cause substantial damage or distress.

Share this page

Tags

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

Brexit: ‘No known data breaches’ of EU citizens’ digital status since programme launch, minister claims
20 September 2022

Home Office databases have not been compromised, according to Tom Pursglove

Half of three departments’ key risks concern technology
5 September 2022

Annual reports of HM Revenue and Customs, Home Office and DWP discuss risks from cyber security, data protection and specific projects

HMRC and GDS working on trials for government’s new identity-checking app
25 August 2022

New browser login system is also being tested with support of Disclosure and Barring Service

Officials’ personal info published online by government lawyers in ‘regrettable’ data leak
24 August 2022

Government Legal Department is investigating after names of civil servants were not removed from transparency documents