DATA breaches at Dorset councils have seen staff accessing personal information for their own use and records which contained limited third party information being sent to the public.
A report by the group Big Brother Watch has revealed data breaches that have taken place at councils across the UK.
Between 2011 until 2014, there were five data breaches at Dorset County Council.
The five breaches at Dorset County Council included a laptop being stolen during an office burglary, a copy of a record, which contained limited third party information, being sent to a member of the public and an email sent to multiple people without using the Blind Carbon Copy (BCC) facility.
The other two incidents saw an email and a letter sent to the wrong address.
Dorset County Council has provided more details of each of the incidents.
It said that the stolen laptop was encrypted to a standard that is considered to present no risk and that the laptop could not be accessed.
The employee that sent a copy of a record to a member of the public that contained limited third party information attended data protection training.
The council said that the email sent not using the BCC facility did not contain personal or sensitive information and that the employee was briefed on email policy and procedures and also attended a data protection session.
The members of the team involved in sending the letter to the wrong address were also re-briefed on data protection and training was given where necessary.
The email being sent to the wrong person was dealt with as part of the management appraisal process which would be on the employee’s record and would be taken in to account if there was a further data breach.
Big Brother Watch has called for the introduction of custodial sentences for serious data breaches, individuals to be given criminal records, training and reporting of any breach to be mandatory and standardised reporting systems and approaches to handling any breach.
The council has said that data protection training is mandatory for all new employees and that it has a programme to ensure all existing employees receive the training. There is also an online eLearning data protection module for refresher training.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereLast Updated:
Report this comment Cancel