The ICO has issued its most severe penalty yet for a series of data protection breaches. Surrey Council has been fined £120,000 for three data protection errors in the past year, including the accidental circulation of confidential medical records. The incidents occurred when files containing sensitive personal data were sent to the wrong group email lists.
This incident highlights the importance of colleges and universities having clear data security policies and procedures, appropriate to the sensitivity of the information they hold.
Access JISC Legal’s guidance on improving your institution’s data protection procedures.
Read further details of the story.