YORKSHIRE councils have been accused of a “shockingly lax attitude” to protecting confidential information after losing dozens of pieces of sensitive personal data.
Two councils have admitted sending child protection information to the wrong people to the alarm of civil liberties activists. North Yorkshire County Council has recorded 46 incidents of data loss in three years, according to a survey by Big Brother Watch – putting it among the 10 most prolific offenders.
Hull recorded 12 incidents, York 10, Rotherham eight and Leeds seven. Leeds and North Yorkshire sent child protection information to the wrong addresses. North Yorkshire sending details of a social care review to someone with the same name. Files were lost in Rotherham when a car which was stolen and burnt out and details of foster placement addresses were left on a bus in Sheffield.
Big Brother Watch director Nick Pickles said only nine staff had been dismissed despite 132 authorities recording 1,035 data loss incidents. More than 3,000 children and young people had had details compromised.
“This research highlights a shockingly lax attitude to protecting confidential information across nearly a third of councils,” he said. “The fact that only a tiny fraction of staff have been dismissed brings into question how seriously managers take protecting the privacy of their service users and local residents.”
Mr Pickles called for the Information Commissioner to have extra powers to audit organisations amid concern that not all losses are reported. He said: “Despite having access to increasing amounts of data and being responsible for even more services, local authorities are simply not able to say our personal information is safe with them.”
North Yorkshire County Council’s director of financial services John Moore said: “We take data security very seriously, and any loss of data is investigated thoroughly and the appropriate action, either in terms of training or education, is immediately instituted. Given that data loss is a potential issue in all IT systems, one has to wonder whether other local authorities are perhaps not as rigorous in policing or recording such instances.”
A Leeds City Council spokeswoman said processes had been updated. She added: “We take issues of information security very seriously and are sorry that these breaches have occurred. The council has a very robust approach in dealing with data security breaches, and all of these individual incidents have been investigated in full.”
A spokesman for the Information Commissioner’s Office said: “It’s vital that local authorities properly live up to their legal responsibility to keep personal data secure, particularly where it is sensitive information about children and young people.”
Comment: Page 12.