UK: Croydon and Norfolk County councils fined by ICO for data breaches

The Information Commissioner’s Office (ICO) has served monetary penalties totalling £180,000 to two councils for failing to keep highly sensitive information about the welfare of children secure.

Croydon Council has been handed a penalty of £100,000 after a bag containing papers relating to the care of a child sex abuse victim was stolen from a London pub. Norfolk County Council has been served with an £80,000 penalty for disclosing information about allegations against a parent and the welfare of their child to the wrong recipient.

The Croydon Council breach – which happened in April 2011 – occurred when an unlocked bag belonging to a social worker was stolen from a London pub. The worker was taking papers, including information about the sexual abuse of a child and six other people connected to a court hearing, home for use at a meeting the following day. The bag and its contents have never been recovered.

The Norfolk County Council breach – which also occurred in April 2011 – happened when a social worker inadvertently wrote the wrong address on a report and hand delivered it to the intended recipient’s next door neighbour. The report contained confidential and highly sensitive personal data about a child’s emotional and physical wellbeing, together with other personal information.

Source: Information Commissioner’s Office

About the author: Dissent

Comments are closed.