ICO raps York Council after data breach
The ICO finds the City of York Council in breach of the Data Protection Act after employees mistakenly send data to a third party.
The City of York Council has been rapped by the Information Commissioner's Office (ICO) after a printer mix-up.
The local authority breached the Data Protection Act when an employee mistakenly collected personal data from a printer, before sending it incorrectly with other documentation to a third party.
Following an investigation, the ICO found there was a lack of quality control and management supervision.
"This case highlights the need for employees to take responsibility and ownership of tasks that involve handling personal data," said acting head of enforcement at the ICO Sally-Anne Poole.
"If the documents had not been left unattended by the printer and had been carefully checked before they were sent out then this situation could easily have been avoided." The City of York Council has signed an undertaking to ensure no personal data is printed when it was not necessary.
New quality control checks when documents are being sent out have been introduced at the council as well.
Another day, another breach
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
The City of York revelations came a day after the ICO reported the Royal Cornwall Hospitals NHS Trust breached the Data Protection Act, again for disclosing information it shouldn't have.
The breach occurred in July 2010 when an individual asked for information the Trust held about them, but the Trust ended up sending out the wrong person's data.
Later that year, an almost identical occurrence happened to the same individual, although on that occasion the disclosed data related to a "third party."
"Just because staff are busy with requests, this does not mean they can stop doing adequate checks before information is sent out," Poole said.
Meanwhile, the ICO has been investigating separate data breaches at the University of York and at Play.com.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.