01 July 2011

Subscribe to Newsletters

Advertise with the IAPP

UK—£120,000 fine for misdirected e-mails

Default Article Featured Image_laptop-newspaper-global-article-090623[95].jpg

Related stories

US President Trump signs state AI executive order, legal questions remain

Notes from the IAPP Canada: Facial detection digital ads cause stir, but why?

Employee monitoring in the US and Canada: What employers need to know

'Privacy, Please!' Lorrie Cranor on why she wrote a privacy book for 4-to-6-year-olds

COPPA 2.0, KOSA among 18 children's online safety bills advanced by US House subcommittee

Lilly Taranto

Contributor

CIPP/E

1 Minute Read

The ICO has imposed a £120,000 fine on Surrey County Council for a serious breach of the Data Protection Act 1998, after staff sent a series of misdirected e-mails containing sensitive personal information to the wrong recipients.

In one instance, information relating to 241 individuals’ physical and mental health was e-mailed to local transportation firms.

UK Information Commissioner Christopher Graham said, “This significant penalty fully reflects the seriousness of the case…it is clear that Surrey County Council failed to fully address the risks of sending sensitive personal data by e-mail until it was far too late.”

ADVERTISEMENT

Radarfirst- Looking for clarity and confidence in every decision? You found it.