Council Fined by ICO for Breaching Data Protection Rules


17 October, 2017

A Council has been fined by the Information Commissioners Office after falling foul of Data Protection rules. Nottinghamshire CC has been fined £70,000 after leaving vulnerable people's personal information online for five years.

Nottinghamshire County Council unknowingly posted the gender, addresses, postcodes and care requirements of elderly and disabled people in an online directory without basic security or access restrictions such as a username or password. The matter was discovered and reported by a member of the public who found inadvertently stumbled across the sensitive personal information.

Forbes comment

All organisations, including local authorities must ensure that they have appropriate procedures in place to guarantee that personal information is handled and processed in an appropriate manner and in accordance with the Data Protection Act. Organisations should ensure that IT security safeguarding procedures are implemented to ensure information is secure before being published online.

If you are looking for any more information with regards to our services view our Insurance section. You can also contact Sarah Wilkinson in our Insurance department via email or phone on 01254 662831. Alternatively send any question through to Forbes Solicitors via our online Contact Form.


Make an enquiry