The Information Commissioner's Office (ICO) has taken action against an insurance company following a data breach affecting 2,100 policyholders.
Kent-based Jubilee Managing Agency, part of Lloyd's, lost an unencrypted disk holding the information, and was forced by the ICO to sign a "formal undertaking" essentially a promise to improve its data protection methods.
The ICO blamed the breach on the firm's lack of staff training and poor data handling procedures.
The ICO said that some of the data held on the disk was over 10 years old and referenced policies that had since been cancelled or were for people who had since died.
"This case is not only a reminder that the appropriate safeguards should be in place to protect personal information, but that organisations must ensure information is accurate and up to date," said Sally-anne Poole, Head of Enforcement & Investigations at the ICO, in a statement.
"Organisations should only retain personal information for as long as necessary," she added. "It is a matter of some concern to us that expired policies, including financial details, were still available and stored on unencrypted devices."
The ICO noted that there has been 161 reported data breaches in the private sector since November 2007.
Click here for lessons about data breaches we all should have learned by now.
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
New Zealand privacy commissioner tipped to become next ICO headNews John Edwards is said to be an 'anti-Facebook' regulator who would fit well in the UK's plans to clamp down on big tech
-
What is a freedom of information (FOI) request?In-depth We look at the mechanism citizens can use to hold public bodies to account
-
ICO hints at Facebook hypocrisy over data protection goalsNews Elizabeth Denham asks Facebook to drop appeal after CEO's call for greater internet regulation
-
ICO to investigate Google over GDPR violationsNews UK Watchdog to liaise with other European regulators over 'forced consent' push by the tech giant
-
ICO myth-busts on the flow of data post BrexitNews The Information Commissioner explains how data will move between the UK and EU in a no-deal scenario
-
Leave.EU faces big fine over data law breachesNews Information commissioner reveals Leave.EU was fined a total of £75,000 for “serious breaches”
-
ICO website knocked offline for more than 24 hoursNews The outage was caused by an “unprecedented electrical surge” that damaged its host’s circuits
-
Elizabeth Denham appointed ICO bossNews Denham will be tasked with helping the UK leave the EU without any knock-on effects on privacy
