Printer mix-up causes breach
According to the ICO, the breach occurred when a council employee accidentally collected personal data from a printer and sent it with another document to a third party. The ICO rapped the council for a lack of quality control and employee supervision.
“This case highlights the need for employees to take responsibility and ownership of tasks that involve handling personal data. If the documents had not been left unattended by the printer and had been carefully checked before they were sent out then this situation could easily have been avoided,” Sally-Anne Poole, the acting head of enforcement at the ICO, said.
According to Public Service.co.uk, the ICO said York council had “robust” data policies in place but that the incident showed a lack of “personal ownership and management supervision” within the council.
Kersten England, York's CEO, has signed an undertaking to ensure that new procedures are put in place to prevent documentation containing any form of personal data from being printed where there is no business need to do so, reveals the Guardian.co.uk.
The council will also bring in new quality control checks on all the information they handle prior to distribution, as well as extending their clear desk policy to include printer trays, post trays and other pending work trays.
It has agreed that all of the measures outlined in the undertaking will be in place within the next four months.
Share