Plymouth Council Fined £60k After Printer Gaffe
Council worker picks up the wrong documents and posts them
Plymouth City Council has been slapped with a £60,000 data breach fine after it sent details on a a child neglect case to the wrong recipient.
The gaffe occurred when a council worker collected three pages of information from a printer in error together with another document. Those pages, which contained highly sensitive personal information about two parents and four children, were then given to the wrong person via a social worker.
Plymouth council errors
“It would be too easy to consider this a simple human error. The reality is that this incident happened because not enough care was being taken within the organisation when handling vulnerable people’s sensitive information,” said Stephen Eckersley, head of enforcement at the Information Commissioner’s Office (ICO).
“The distress this incident will have caused the people involved is obvious, and the penalty we have issued today reflects that.”
The council said it had made changes after the incident, particularly around the printing processes at the local authority.
“In line with guidance, the incident was reported to the Information Commissioner’s Office. The three pages were quickly recovered and destroyed, both clients were spoken with about the incident and our sincerest apologies were offered,” it added.
“Practical steps to prevent a similar situation happening again were taken including secure PIN printing so that reports are only printed when staff activate the printer with their code, which reduces the risk of papers being mixed up.
“Extra checks before sensitive documents are dispatched from the office are also being devised. Children’s Social Care have reinforced to all managers and staff that all employees have personal responsibility for the confidentiality of client information and the security of documents.”
The ICO has now handed out over £2 million in fines. Earlier this month, the privacy watchdog handed out a rare fine to a private sector organisation for mishandling of information, as Prudential was told to cough up £50,000.
Think you’re a security pro? Try our quiz!