There has reportedly been a potentially serious Portsmouth City Council data breach involving a stolen laptop that contained the data for adults and children.
It’s understood that the device was taken in November and may have contained information relating to family matters as well as health data and school information. In the wrong hands, this kind of data could be used for malicious purposes.
Council data breach compensation claims are one of the more common types of individual legal cases that we take forward. When data is exposed or stolen in such a way, the council could receive a fine and the victims can be entitled to make a claim for compensation too.
Council data breaches are common
Local authorities and the agencies that work for them store and process significant amounts of data for millions of people across the UK. This is one of the reasons that breaches can be common, and it can also come down to funding constraints in the public sector too. In some cases, cybersecurity and data protection just isn’t being taken seriously enough, and only after a breach is proper action taken.
Following the Portsmouth City Council data breach, it’s understood that the authority has now implemented additional security measures. Whilst we don’t know the full details as to what this entails, we do question why such measures were not in place prior to the data theft.
Personal and sensitive information
Although only limited information about the specifics of this Portsmouth City Council data breach have been confirmed, we already know about the wealth of personal and sensitive information that councils store and process in general.
It can cover the whole range when it comes to types of information, such as:
- The usual personal and contact data;
- Health and medical information for benefits and social welfare reasons;
- Financial and employment data for the same reason as the above.
As such, even a small exposure of information from the council could lead to sensitive data being involved. This is why data breach compensation amounts for cases like this can be substantial in some cases.
Will the Portsmouth City Council data breach lead to a fine?
The Portsmouth City Council data breach may lead to a regulatory fine being issued by the Information Commissioner’s Office (ICO).
In theory, such a fine could amount to millions of pounds in accordance with the powers that the ICO now has from the GDPR. They will need to assess factors such as the nature of the information stolen, the volume of it, and how preventable the incident was.
A fine isn’t designed to be used for compensation. As such, victims of a data breach can pursue their own legal case on a No Win, No Fee basis to claim damages for the distress caused by the loss of control of their personal information.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.
First published by Matthew on April 15, 2020
Posted in the following categories: Claims Council Data ICO Latest Security and tagged with compensation | council | council data breaches | data breach | data leak | personal data