Isles of Scilly council dragged over coals by Information Commissioner for letting documents slip

Data protection training for staff was lacking

The Information Commissioner's Office (ICO) has ordered the Council of the Isles of Scilly to implement new data protection policies and training, after two data breaches involving the disclosure of personal data.

The first breach occurred in June 2013, when an attachment inadvertently included in an email revealed personal data related to a disciplinary hearing.

A further incident occurred in September 2013, involving two documents containing sensitive personal data ending up in public circulation. Poor data sharing, including staff using personal email accounts and paper documents not being properly redacted, meant details of an investigation into the conduct of a former head teacher were disclosed publicly.

ICO head of enforcement Stephen Eckersley, said: "Personal data must be handled securely and safely. The council has failed to do so and must now make immediate changes.

"The people of the Isles of Scilly need to be confident their council understands and complies with the law. The undertaking from the council to us will help ensure it does so."

The council has agreed to implement mandatory data protection training to staff, with refresher training to be updated regularly. It must also draft appropriate guidance on the safe transfer of personal data by email and consider the use of encryption. In addition, the council must draft a document redaction policy.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags Information Commissioner's Office

More about ICO

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Antony Savvas

Latest Videos

More videos

Blog Posts