Tuesday 23 November 2010

£60,000 fine for A4e

A4e has been fined £60,000 for the loss last year of an unencrypted laptop with the details of thousands of people. The data breach occurred when an employee took details of 24,000 clients of the Hull and Leicester Community Legal Advice Centres home to work on. An unsuccessful attempt to access the data was made shortly afterwards. The story on the BBC news site quotes Christopher Graham, the Commissioner for Data Protection, saying, "A4e did not take reasonable steps to avoid the loss of the data when it issued the employee with an unencrypted laptop, despite knowing the amount and type of data that would be on it. It warranted nothing less than a monetary penalty as thousands of people's privacy was potentially compromised by the company's failure to take the simple step of encrypting the data." Hertfordshire County Council was also fined £100,000 for a more serious loss of data.

2 comments:

  1. An ID is worth £1000 in ID fraud. £60K is nothing to a company like A4E. However the whole welfare to work sector could do with some investigation over how they keep data stored!

    ReplyDelete
  2. I totally agree, and I do hope that from now on they'll put more into keeping the sensitive data they have safer. I've heard of companies that have "outsourced" their data protection, maybe that's a good idea in this case.

    ReplyDelete

Keep it clean, please. No abusive comments will be approved, so don't indulge in insults. If you wish to contact me, post a comment beginning with "not for publication".