The commissioner said that the five breaches, which took place between January and June 2011, were all serious.
In another case, minutes of a child protection conference were sent in error to the former address of the mother's partner, where they were opened and read by an unauthorised person. The papers also contained personal data about the mother, who made a complaint to her social worker about the incident.
Investigations by the ICO found that all five breaches could have been prevented if the council had put adequate data protection policies, training and checks in place.
Midlothian is the first organisation in Scotland to be fined by the ICO.
In addition to imposing a fine, the information commissioner has ordered Midlothian to improve the security of personal data. The council has said has that it will now check all its records to make sure they are up to date, as well as updating its existing data protection policy to include specific provisions for the handling of personal data by social services staff.
Ken Macdonald, assistant information commissioner for Scotland, said: "The serious upset that these breaches would have caused to the children's families is obvious and it is extremely concerning that this happened five times in as many months.
"I hope this penalty acts as a reminder to all organisations across Scotland and the rest of the UK to ensure that the personal information they handle is kept secure."
theregister.co.uk
Niciun comentariu:
Trimiteți un comentariu