Stoke-on-Trent City Council has implemented new security systems following a breach of confidentiality after a solicitor acting on its behalf of the authority sent 11 emails about a child protection case to the wrong person. The incident occurred in December 2011.
The Information Commissioner’s Office (ICO) found that the solicitor was in breach of the Council’s own guidelines and that the council had failed to provide the appropriate encryption software as well as no “relevant training”.
ICO said that the incident was a serious breach of the Data Protection Act, especially considering that another breach in 2010 highlighted concerns over encryption measures within the authority, an issue which had obviously not been adequately addressed.
Stoke-on-Trent City Council has been fined £120,000 although the maximum it could have imposed was £500,000.