The Information Commissioner's Office (ICO) says that Rochdale Metropolitan Borough Council breached the Data Protection Act when it lost a USB drive containing the personal information of 18,000 citizens, PC Advisor. ICO Acting Head of Enforcement Sally-Anne Poole said the office's investigation "uncovered a number of failings," adding, "This incident could have been easily avoided if adequate security measures had been in place." The data, which was unencrypted, included names, addresses and details of payments made to the council. The council had no policy for encrypting USB sticks but has now adopted one and has plans to extend it to other devices.
If you want to comment on this post, you need to login.