![Default Article Featured Image_laptop-newspaper-global-article-090623[95].jpg](https://images.contentstack.io/v3/assets/bltd4dd5b2d705252bc/blt61f52659e86e1227/64ff207a8606a815d1c86182/laptop-newspaper-global-article-090623[95].jpg?width=3840&quality=75&format=pjpg&auto=webp)
The theft of unencrypted laptops and portable and mobile devices containing personal information continues to make headlines in the UK. Two organisations in the education sector—the Association of School and College Leaders and Holly Park School—have recently signed undertakings with the UK Information Commissioner’s Office (ICO) following breaches of the Data Protection Act 1998 that involved failures to encrypt sensitive and other personal information held on laptops that were later stolen.
The ICO considers its guidance to be clear—encryption software must be used to protect data that, if lost, is liable to cause individuals damage and distress. The ICO’s view is that such losses are “inexcusable,” as encryption is “one of the most basic security measures and is not expensive to put in place.” Going forward, both organisations have undertaken to encrypt laptops and other portable devices storing personal data and to ensure their employees’ compliance with data protection and IT security policies and procedures.
