The incredibly serious Wokingham Council data breach that came to light in the last few weeks was a severe example of how bad a council data breach can be.
This particular breach was said to be an error that’s among a number that had been identified with Wokingham Council. Councils and local authority agencies hold a great deal of incredibly personal and sensitive data about thousands of individuals. This includes vulnerable people and children.
As such, any council data breach can be severe. This latest Wokingham Council data breach is one of the worst we’ve seen.
A sickening Staffordshire police data breach has led to an officer being sacked and being handed a 12-month prison sentence.
With the police handling very sensitive and personal information, we expect the best from them. Unfortunately, they do fall short on some occasions. The police have been embroiled in a number of data breach incidents for several years. A concerning element is where officers are using police data when they’re not supposed to.
This hearings in the Staffordshire police data breach at the centre of this article resulted in the instant dismissal for the officer involved.
Former PC Sarah Corner has resigned a week before a hearing over the Norfolk Police data breach she was embroiled in.
The 24-year-old was due to face a gross misconduct hearing last month following allegations of a serious data breach. Ms Corner was investigated for illegally obtaining information from a police computer. This is a monumental breach of data protection.
Although she resigned prior to the hearing, she would have been dismissed in any event. With the wealth of data that police hold, any police data breach can be a serious one.
The Cleveland Police data breach was another example of a preventable public sector data breach that should never have happened in the first place.
As a result of what’s being classed as a “human error” incident, the personal details of 1,661 people were leaked online. As part of the police’s procedures for disclosing data about “use of force”, information was put online that was accidentally not redacted. What should have been generic information about people who had been restrained by the police between April and June this year instead disclosed far more information.
Anyone affected by the Cleveland Police data breach may be eligible to pursue legal action.
A signed undertaking has come into force over a Humberside police data breach that involved incredibly sensitive notes for an alleged rape.
In October 2016, the Information Commissioner’s Office (ICO) was informed about the loss of interview disks and written notes about an alleged rape. The disks were reportedly created after an interview had been conducted with another force, and the disks were not encrypted or even password-protected.
The loss of sensitive police data that wasn’t even encrypted and protected is inexcusable.
The 2016 Gloucestershire police data breach has led to a fine imposed by the Information Commissioner’s Office (ICO) in the sum of £80,000.00.
The incident that took place on 19 December 2016 involved a Gloucestershire police offer sending an update to 56 individuals in respect of allegations of abuse. The officer inadvertently placed the email addresses of the recipients into the “To” field instead of the “BCC” field, resulting in the identities of the recipients being revealed to one another.
The email itself is thought to have revealed information about schools and other organisations being investigated as part of the allegations.
A police force has been blasted over data security failures by the Information Commissioner’s Office (ICO) after a “damning report” from the body responsible for overseeing the police in Scotland.
The ICO has reportedly demanded immediate action following an audit that has been described as “highly critical” with “urgent recommendations”.
It’s understood that the security of personal data, staff training and awareness, and data sharing are the areas of focus after investigations were undertaken to look into data security failures by the police.
The Crown Prosecution Service (CPS) has been fined £325,000 by the ICO for losing recordings of sensitive police interviews. Not only did the CPS lose the footage, but they also failed to encrypt the lost police data as well.
The recordings were of multiple interviews with alleged child sex abuse victims that were to be used at trial.
It goes without saying that the unencrypted police data lost in this case was of an incredibly personal and sensitive nature. The fact that it was lost and allowed to be potentially exposed bas led to the huge fine imposed by the Information Commissioner’s Office (ICO).
The ICO has completed a follow-up assessment of Dyfed Powys Police who signed an undertaking last year to improve their data protection compliance. The undertaking meant that the police force had to engage in force-wide data protection training and refresher training, as well as ensuring that training and monitoring was properly recorded to address non-compliance and ensure that security measures are in place to properly protect data.
The involvement of the ICO (Information Commissioner’s Office) – the UK’s data watchdog – was to ensure that Dyfed Powys Police were upholding their data protection responsibilities after a number of incidents had previously occurred.