Newcastle Youth Offending Team breached the Data Protection Act by failing to encrypt a laptop containing personal data which was later stolen, the Information Commissioner’s Office (ICO) said today.
The laptop – which contained personal data relating to 100 young people – was reported stolen from a contractor’s home in the Northumbria area in January. The contractor had been working on a youth inclusion programme on behalf of the Team. The majority of the personal data stored on the laptop included names, addresses, dates of birth and the name of the school the young person attended.
The ICO’s investigation found that, although Newcastle Youth Offending Team had a contract in place with the contractor, there was a failure to ensure that its employees were complying with necessary security measures.
Acting Head of Enforcement, Sally-Anne Poole, said:
“Encryption is a basic procedure and an inexpensive way to ensure that information is kept secure. But, to their detriment, not enough data handlers are making use of it. This case also highlights how important it is to ensure that watertight procedures are in place before any work is undertaken by contractors. Organisations shouldn’t simply assume that third parties will handle personal data in line with their usual standards. I’m pleased that Newcastle Youth Offending Team has learned lessons from this incident and hope that it encourages others to heed our advice.”
Consider IT perform laptop encryption in the Edinburgh area on a regular basis. We can consult with you to determine the appropriate security principles you should have in place to ensure you don’t breach the Data Protection Act. For more information on our Encryption Service, click here.