DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

UK: Doncaster Metropolitan Borough Council undertaking

Posted on August 4, 2015 by Dissent

Here’s yet another case where an investigation of a breach resulted in the ICO discovering that an entity was not providing data protection training and re-training often enough. 

On October 10, 2014, the Information Commissioner (ICO)  was informed that Doncaster Metropolitan Borough Council had lost a file containing 66 records of families requiring Health services. There is no evidence to suggest the file is in the public domain and it appears the loss arose as a result of an internal office move.

The Commissioner was satisfied that due to the physical security measures normally in place, no formal action was required on that issue, but in the process of investigating the matter, the ICO determined that there were low levels of staff completion of themandatory data protection training. Furthermore, staff were only required to undertake data protection training every three years.

Note that there is nothing in the enforceable regulations that makes this a violation, but it is inconsistent with the ICO’s guidance and previous advice on good data protection practice.

And so, voila, another undertaking.

I wonder what would happen if an entity refused to sign an undertaking because, well, they didn’t break any law. Then what?

Related Posts:

  • Dudley Metropolitan Borough Council signs…
  • UK: Sensitive social services records lost after…
  • UK: Council lost memory stick containing 18,000…
  • Luton Borough Council signs undertaking after data…
  • UK: London Borough of Hammersmith and Fulham signs…

Post navigation

← Prima CARE notifying patients after binders with protected health information found in bushes
Higher Education Institutions Increasingly Falling Victim to Cyberattacks →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Russian hackers exploiting Outlook bug to hijack Exchange accounts
  • Britain dismisses report claiming Sellafield nuclear site hacking, says no malware exists on our system
  • 23andMe data breach: Hackers accessed data of 6.9 million users
  • AlphV claims they have started contacting some of Tipalti’s clients (1)
  • Research: Privacy as Pretense: Empirically Mapping the Gap Between Legislative & Judicial Protections of Privacy
  • What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US.
  • On September 2nd, the U.S. branch of Great Star Industrial Co. disbursed a ransom of 1 million dollars to a ransomware group
  • Former Public School Information Technology Manager Charged with Damaging School’s Computer Network

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net