Skipton Financial Services Limited

What
Inappropriate processing of personal data

How much
Unknown.

Why
An unencrypted laptop computer was stolen from Moore Stephens Consulting, who had been engaged to provide professional consultancy services to SFS in relationship to a software development project.

Regulator
ICO

Regulatory action
Undertaking issued to ensure that sensitive personal data must be encrypted. Risk assessments must be carried out to confirm the adequacy and effectiveness of technical and organisational security measures, including those taken by third parties.

Reason for action
The ICO had received a complaint about the data controller’s breach of the Seventh Data Protection Principle.

When
18 February 2008

Links
View PDF of the Skipton Financial Services Limited Undertaking (Breach Watch Archive)