Council praised for remedial work on data compliance

Council praised for remedial work on data... A local authority has been praised by the Information Commissioner’s Office (ICO) for the swift and effective way it has responded to a previous data security failure.

Wolverhampton City Council was served with an enforcement notice by the ICO in May this year, following a breach of the Data Protection Act. It was ordered to provide data protection training to its entire workforce.

Information commissioner Christopher Graham commented: “We are pleased that Wolverhampton City Council have now provided adequate data protection training to all of their staff. It is important that the council maintains these practices going forward to make sure residents’ information is handled correctly and kept secure.”

He noted that a growing public awareness of the need for data to be kept safe means compliance is essential for both public and private sector bodies, adding that the ICO is to run a workshop for SMEs in the West Midlands region in late September.

Mr Graham said this would help small firms with “limited understanding of their responsibilities under the Data Protection Act” to learn how to get it right.

There are eight principles in the Act, which state that information should be processed in a fair and lawful way, only used for limited purposes, kept to the necessary minimum, accurate, not held longer than needed, processed in line with the rights of citizens, kept safe and never transferred to other countries without it being adequately protected.

Wolverhampton City Council’s failure centred on the case of a social worker who had not been trained in data protection. The employee sent out a letter to a former service user that contained sensitive information about the recipient’s sister. This data should not have been included in the letter.

The breach occurred in January 2012, just a month after the ICO had completed a security audit with the council and recommended it introduce a data protection policy. However, the local authority failed to meet a deadline of training all its staff by the end of February this year, at which point 68 per cent had not received instruction on protecting data.

Search for compliance jobs with Barclay Simpson, leaders in compliance recruitment ADNFCR-1684-ID-801734307-ADNFCR

Candidate Services

Are you looking for your next role? Our consultants are knowledgeable in their chosen markets and can support you throughout your career. View our current jobs to get started.

Employer Services

We know that finding the best talent for our clients is an essential part of their success. Our consultants’ expertise ensures they can identify and deliver candidates with the behaviours, competencies and cultural fit needed to produce successful results time and again. View our services today.

Salary guide

The 2024 Barclay Simpson Salary Survey & Recruitment Trends Guide: Cyber Security & Data Privacy

Thought leadership

Recruitment Market Insights – Risk & Treasury 2023

Blogs

Diversity DEI Inclusion Equality