- Jan 24, 2011
- 9,378
Turns out that password protection just ain't enough anymore. Councils need to encrypt laptops as well, and this was an expensive lesson for London councils of Ealing and Hounslow to learn.
According to the Information Commissioner's Office (ICO), Ealing council provides an out-of-hours service staffed by nine work-from-home employees. This team are responsible for collating and recording information on clients from the Ealing and Hounslow councils on their laptops.
So far, so good.
Except that two of these council-issued laptops were stolen from an employee's home. The ICO reports that the laptops contained details of almost 3000 individuals. Despite encryption being part of the council security policy, the laptops only had a password to protect the individuals' privacy.
The good news is that there is no evidence to suggest that the data was accessed by an unauthorised third party. Nevertheless, Ealing and Hounslow councils were fined £80,000 and £70,000 respectively for breaching the Data Protection Act.
Source
According to the Information Commissioner's Office (ICO), Ealing council provides an out-of-hours service staffed by nine work-from-home employees. This team are responsible for collating and recording information on clients from the Ealing and Hounslow councils on their laptops.
So far, so good.
Except that two of these council-issued laptops were stolen from an employee's home. The ICO reports that the laptops contained details of almost 3000 individuals. Despite encryption being part of the council security policy, the laptops only had a password to protect the individuals' privacy.
The good news is that there is no evidence to suggest that the data was accessed by an unauthorised third party. Nevertheless, Ealing and Hounslow councils were fined £80,000 and £70,000 respectively for breaching the Data Protection Act.
Source
