Our Latest Online Backup Reviews:Vembu SyncBlaze
Industry LinksTools and Graphs
ICO urges more care with personal data as Nursing and Midwifery Council receives £150,000 penalty
London, UK, Feb. 15, 2013 — /BackupReview.info/ — The Information Commissioner’s Office has urged organisations to review their policies on how personal data is handled, after the Nursing and Midwifery Council was issued a £150,000 civil monetary penalty for breaching the Data Protection Act.
The council lost three DVDs related to a nurse’s misconduct hearing, which contained confidential personal information and evidence from two vulnerable children. An ICO investigation found the information was not encrypted.
David Smith, Deputy Commissioner and Director of Data Protection, said:
The council had been couriering evidence relating to a ‘fitness to practise’ case to the hearing venue. When the packages were received the discs were not present, though the packages showed no signs of tampering. Following the security breach the council carried out extensive searches to find the DVDs, but they’ve never been recovered.
David Smith continued:
“The Nursing and Midwifery Council’s underlying failure to ensure these discs were encrypted placed sensitive personal information at unnecessary risk. No policy appeared to exist on how the discs should be handled, and so no thought was given as to whether they should be encrypted before being couriered. Had that simple step been taken, the information would have remained secure and we would not have had to issue this penalty.”
Further details about today’s case can be found on the ICO’s civil monetary penalty notice page.
The ICO has published guidance for organisations on the use of encryption.
Notes to Editors
1. The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
2. The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.
3. The ICO is on Twitter, Facebook and LinkedIn, and produces a monthly e-newsletter.
4. Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:
5. Civil Monetary Penalties (CMPs) are subject to a right of appeal to the (First-tier Tribunal) General Regulatory Chamber against the imposition of the monetary penalty and/or the amount of the penalty specified in the monetary penalty notice.
6. Any monetary penalty is paid into the Treasury’s Consolidated Fund and is not kept by the Information Commissioner’s Office (ICO).
General Tags: software as a service, online file backup, online backup services, SaaS, data security, online backup news, online backup, top rated online backups, cloud computing, compare online backups, online backup reviews, online data backup, backing up online, online file storage, CEO interviews, data storage, online backup providers directory, online backup companies
Like us on Facebook
Sponsored Links:Data Deposit Box Asigra