The UK's data protection watchdog - the Information Commissioner's Office (ICO) - has taken action against Stoke-on-Trent City Council after the authority lost a USB stick containing sensitive information on 40 children in care.
A member of the public discovered the memory stick, which was unencrypted and not password protected, before returning it to the council.
The data included court reports and details of care proceedings.
Having breached the Data Protection Act, the local authority has been told to implement steps to ensure personal data stored by the body is adequately secured.
The council has agreed to encrypt portable and mobile devices used to store and transmit personal data, while staff education will be ramped up.
"When handling sensitive personal information, particularly information relating to the care of vulnerable children, it is important that authorities ensure the necessary measures are in place to protect this information," said Sally-Anne Poole, Enforcement Group Manager at the ICO.
Yet again, the ICO has not given out a fine for the breach.
"This incident occurred before 6 April so the powers now available to the information commissioner to issue penalties of up to 500,000 for serious breaches of the Data Protection Act, could not be considered," said Poole.
One of the central reasons why Google was not issued with a fine after the Street View Wi-Fi scandal was because the data was collected before the ICO's extra powers came into force.
An ICO spokesperson told IT PRO the council could "potentially" have been hit with a fine if the breach occurred after the penalty powers were granted.
The spokesperson also confirmed a fine would be handed to an as yet unnamed body or individual "in the near future," after information commissioner Christopher Graham indicated a penalty would be handed out before the end of the month.
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
UK regions invited to apply for ‘AI Growth Zone’ statusNews The UK government has opened up bidding for regions hoping to secure 'AI growth zone' status.
-
“Botched government procurement” leads to £24 million Atos settlementNews Labour has accused the Conservative government of using taxpayers’ money to pay for their own mistakes
-
UK government to run Starlink trials in Snowdonia, Lake DistrictNews The government has indicated low-Earth orbit satellites could be key to expanding connectivity to UK businesses
-
Government holds talks with data centre operators over energy blackout threatNews One data centre operator has been preparing to switch over to diesel power in the event of a national blackout
-
HPE inks $2 billion high-performance computing deal with the NSANews HPE will provide scalable on-premises computing to the NSA using Greenlake
-
TikTok to open first European data centre in IrelandNews The move could signify a desire to shift its operations away from the US as well as secure its position in the European market
-
MPs in a muddle over GDPR and storing voters' personal dataNews Labour MP Chris Bryant says his staff were told to delete constituents' data
-
Broadband not meeting UK consumer expectationsNews Survey finds many unhappy with broadband in the UK
