Serious Breach of Data Security
The Information Commissioner’s Office (ICO) has found the Home Office to be in serious breach of the Data Protection Act 1998 after a contractor lost an unencrypted memory stick containing sensitive personal details. In another recent case the ICO took enforcement action against Abertawe Bro Morgannwg University NHS Trust after approximately 5000 patient records were stolen. The case highlights the responsibilities of institutions to encrypt all portable and mobile devices on which personal data might be stored, and to carry out audits of activities, as well as making certain that any contractors processing personal data have appropriate security measures in place.
(23/01/09)