Islington Council Fined £70k For Leaking Sensitive Resident Data Online
Mental health and residential needs data leaked by local authority
Islington Council has been fined £70,000 by the UK’s privacy watchdog for leaking sensitive data of residents, including information on their mental heath and their housing needs.
The data, which also noted if residents had been a victim of domestic abuse, was leaked after a freedom of information request was made through the What Do They Know (WDTK) website, which publishes responses for all to see online.
Islington Council leak
When Islington Council uploaded information in late June related to the work of the authorities’ Housing Performance Team, they also published sensitive data related to 2,375 residents in an Excel document.
The data remained on the site for over two weeks, even though the council had been told about the issue early on, until the mistake was spotted by a site admin, according to the Information Commissioner’s Office (ICO).
“This mistake not only placed sensitive personal information relating to residents at risk, but also the highlighted the lack of training and expertise within the council,” said ICO head of enforcement, Stephen Eckersley.
“Councils are trusted with sensitive personal information, and residents are right to expect it to be handled in a proper way. Unfortunately, in this case that did not happen, and Islington Council must now explain to residents how it will stop these mistakes being repeated.
The council has accepted the fine. An Islington Council spokesman added: “We remain extremely sorry for the upset and worry this disclosure may have caused to some people. The council carried out a thorough investigation when this disclosure came to light, and we have since put in place more rigorous checks.
“The person who released the data did not have sufficient knowledge of spreadsheets to recognise the error or to put it right.”
What do you know about Internet security? Find out with our quiz!