Consider IT

Consider IT
Consider IT
IT Security

Ealing Council and Hounslow Council fined by ICO – Unencrypted Laptops

Ealing Council and Hounslow Council fined by ICO – Unencrypted Laptops

Both Councils Fined

The Information Commissioner’s Office (ICO) today served Earling Council and Hounslow Council with monetary penalties for serious breaches of the Data Protection Act after the loss of two unencrypted laptops containing sensitive personal information.

The two laptops contained details of around 1,700 individuals and was stolen from an employees home. Ealing Council provides an out of hours service on behalf of both councils, which is operated by nine staff who work from home. The team receive contact from a variety of sources and rely on laptops to record information about individuals.
Almost 1,000 records were clients of Ealing Council and almost 700 were clients of Hounslow Council. Both laptops were password protected but were unencrypted.

Ealing Council – FINED £80,000

Hounslow Council – FINED £70,000

The ICO issued Ealing Council with an £80,000 penalty explaining that it breached the Data Protection Act by issuing an unencrypted laptop to a member of staff in breach of its own policies. This method of working has scarily been in place for several years and there were insufficient checks that relevant policies were being followed or understood by staff.
Hounslow Council breached the Data Protection Act by failing to have a written contract in place with Ealing Council. Hounslow failed to also monitor Ealing Council’s procedures for operating the service securely.
Deputy Commissioner, David Smith, said:
“Of the four monetary penalties that we have served so far, three concern the loss of unencrypted laptops. Where personal information is involved, password protection for portable devices is simply not enough.”
Following the incident, both Councils also had to fork out in time and money to notify all individuals affected.
Stuart Gilbertson, Managing Director of Consider IT Limited, said:
“This is the first time two Councils have been fined as part of one case. Both fines reflect the importance of adhering to the Data Protection Act. The fines clearly demonstrate the seriousness of being lackadaisical about your clients data and what consequences there are for when things go wrong. It costs roughly £100 to encrypt a laptop, and not much more to put in proper procedures. Compare that with the £80,000 fine that one Council has received today.”

The monetary penalty served on Ealing Council can be found here (PDF).

The monetary penalty served on Hounslow Council can be found here (PDF).

For more information about ensuring your business complies with the Data Protection Act, have a look at our encryption services page.

Related Posts

malwareransomware blog
April 19, 2024

Staying Ahead of the Game: 7 Strategies to Combat Malware and Ransomware

When it comes to protecting your business from cyber threats, mal...
April 19, 2024
0
cost of a cyber attack
March 19, 2024

Counting the Costs: Understanding the Financial Impact of Cyber Attacks on Businesses

Cyber attacks, once considered a distant concern, have become a p...
March 19, 2024
0
CONSIDER IT FACEBOOK CONSIDER IT Twitter CONSIDER IT Linkedin

Contact Us

0131 510 0110
[email protected]
Find Us

Customer Service

Contact Us
Our Locations
Case Studies

Information

About Consider IT
Domains
Privacy Policy
Terms & Conditions
Press Enquiries

© 2024 Consider IT Limited – All Rights Reserved
Registered office: Waterview House, 37 Shore, Edinburgh, EH6 6QU. Company Number: SC320341 | VAT number: GB 930 1862 42
Consider IT is a trading name of Consider IT Limited