Council in huge care data breach
January 16, 2018 3 comments
A local authority accidentally disclosed the names of “hundreds” of children in care and vulnerable adults earlier this month.
An unnamed person at Leicester City Council accidentally included a “large spreadsheet” as an attachment in emails sent to 27 different taxi firms inviting tenders to transport children living in residential homes, as well as adults with disabilities.
Once the error was uncovered the following day, council officials quickly sent a recall notice. This email said the attachment had contained “passenger information”, the BBC reports.
“Please delete this email. Please then delete the email from your “Deleted items” folder. Please do not try to open or read it.”
It warned that disclosing any information found in the spreadsheet would be in breach of the Data Protection Act.
The Council said it had launched an investigation into the incident and insisted that it took data protection issues “very seriously”. It also promised to self-report the leak to the Information Commissioner.
But Councillor Ross Grant said the incident, which could involve the details of “hundreds, potentially thousands” of people, had made him feel “sick in my stomach”.
“We are talking children the court has taken action to protect from someone who would put them at risk and the council is potentially the organisation leaking their address. There is no guarantee this has not been copied and spread, we cannot put the genie back in the bottle.”
The incident recalls one at Newcastle City Council in October. That also involved a spreadsheet containing a large quantity of sensitive personal information which had been wrongly attached to an email sent to outside organisations.
Image by justgrimes via Flickr under a Creative Commons licence
January 16, 2018
Categories: Children in care