West Sussex council launches investigation after publishing vulnerable citizens’ details online

Written by Sam Trendall on 13 October 2017 in News
News

Local authority disclosed names 1,400 of disabled people and their carers in now-removed spending data spreadsheet

The council claims it removed the information '29 hours' after being alerted  Credit: West Sussex County Council

West Sussex County Council (WSCC) has launched an investigation after wrongly publishing online the details of about 1,400 disabled people and carers.

The names were featured in a spreadsheet that was published as part of the council’s practice of disclosing all instances spending over £100. To help protect the identities of vulnerable citizens and those that care for them, their names should have been removed from these documents prior to publication.

However, according to the BBC, this redaction has been performed erratically since 2010, when the council first published spending data in this way. Last month data scientist Andrew Rowson alerted the council to the wrongly published details.

The council said: “As soon as the problem was reported to us, we removed the spreadsheet from the website in under 29 hours.

WSCC said that individuals’ names represented the only personal information contained in the spreadsheets. But the authority admitted additional checks could have allowed some of the people affected to be identified by anyone seeking to do so.


Related content


“Although the spreadsheet contained transaction numbers and payment amounts, the only personal details recorded were names,” the council said. “We would like to reassure residents that the spreadsheet did not contain any sensitive personal data which would put individuals at risk, in the event that identification through data matching with alternative sources was carried out.” 

It added: “We accept that persons seeking to identify individuals could do so in some cases by making additional checks through other data sources. It is for that reason we removed the data.”

The council added that it is undertaking an investigation into the rest of its published spending information, and will work with the Information Commissioner’s Office in doing so.

“As a local authority, we are required to publish all expenditure data,” it said. “Our investigation is continuing and we will be carrying out further analysis of the data during this time closely following the guidance issued by the Information Commissioner's Office.”

The not-for-profit fraud-prevention body Cifas offers local authorities a free service to protect vulnerable people from fraud. The Protective Registration for the Vulnerable offering imposes additional checks and monitoring on all applications for financial services made in the name of those considered at risk.

 

About the author

Sam Trendall is editor of PublicTechnology

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

Constituents report MP to ICO over alleged data-protection breach in Facebook post
21 June 2018

Data-protection watchdog ‘making enquiries’ after Conservative Gordon Henderson publishes names and partial addresses of local residents who sent him a letter

The public sector must be transparent on data use to gain citizens’ trust
30 May 2018

While GDPR is right to provide individuals with greater control over how their information is used, the benefits of sharing data should not be overlooked, believes Rose Lasko-Skinner of Reform

Government considers creating social-media regulator with sanctioning powers
21 May 2018

With new internet-safety legislation due later this year, respondents to a government consultation have urged the creation of a dedicated regulator with the power to punish

Related Sponsored Articles

Don’t Gamble with your password resets!
20 June 2018

The cautionary tale of the Leicestershire teenager who hacked high-ranking officials of NATO allies shows the need for improved password security