Data loss forces council to shape up

Wednesday, June 02, 2010

West Berkshire Council has taken remedial action after a USB memory stick was lost that contained sensitive information on children and young people.

The memory stick, which was neither encrypted or password protected, contained information relating to the ethnicity and physical or mental health of the children.

West Berkshire introduced encrypted memory sticks in 2006. But following an investigation by the Information Commissioner's Office (ICO), it was also discovered that council employees were still using unencrypted memory sticks.

Nick Carter, West Berkshire's chief executive, has now signed a formal undertaking to ensure the appropriate devices are encrypted and that all staff are trained appropriately.

Sally-anne Poole, enforcement group manager at the ICO said: "It is essential that organisations ensure the correct safeguards are in place when storing and transferring personal information, especially when it concerns sensitive information relating to children. A lack of awareness and training in data protection requirements can lead to personal information falling into the wrong hands.

"I am aware that staff have been provided with encrypted USB sticks since 2006 but older devices were not recalled. I am pleased that the council has now taken action to prevent against further data breaches."