22nd February 2018
The local education authority worker has to pay £1,563 after sharing a photo of a spreadsheet showing personal data with an estranged parent. The spreadsheet included childrens' and parents' names, addresses, dates of birth and National Insurance numbers. It happened to be sent via SnapChat.
This highlights the importance of training staff and limiting staff access to data, even though the council themselves were not fined, and for staff to comply with the law to protect data they have access to.
The charge includes £850 fine and £713 costs, under the Data Protection Act 1998.
Read the full Council Worker fined report here.
Data GRC provides practitioner services to help organisations mitigate their data protection and information security risks, and to develop appropriate management, physical, technical and operational controls.
We work with a number of industry standards including Cyber Essentials, ISO 27001, ISO 27002, NIST and PCI DSS, to help clients achieve recognised levels of control.
Click this link to discuss data protection and information security services.
Click this link for more Data Privacy, GDPR and Information Security guides.