Stoke-on-Trent City Council fined £120k after mis-sent email disclosed sensitive child data (update 2)
Public Service reports:
Stoke-on-Trent City Council has been hit with a major fine after sensitive information on a child protection case was emailed to the wrong person, the Information Commissioner’s Office has confirmed.
The ICO, which can fine up to £500,000 for serious breaches of the Data Protection Act, said the £120,000 fine issued to Stoke council reflected the fact it had not resolved issues after an earlier breach of a similar nature.
The latest breach happened in December 2011 when 11 emails were sent by a solicitor at the authority to the wrong address. The watchdog found that highly sensitive information on the care of a child was involved as well as further information on the health of two adults and two other children.
The authority’s guidance, which was breached by the solicitor, had stated sensitive data needed to be encrypted or sent over a secure network.
Read more on PublicService.co.uk.
Update 1: The ICO subsequently removed the monetary penalty notice from their site. I’ll replace the link once I see what they do.
Update 2: The documents seem to be available again: