Loss of personal data.
Two unencrypted laptops were stolen from the internal audit offices in the Town Hall.
Undertaking issued to ensure that appropriate security measures are in place to ensure that laptops are safely stored and encrypted. Only personal data absolutely necessary for audit purposes may be downloaded to mobile devices All staff must be made aware of the data controller’s policy for the storage of personal data and be trained to follow it.
Reason for action
The laptops were not encrypted, password protected, or secured to immovable objects, in breach of a number of the data controllers’s internal policies and procedures, in which all staff had received training.
16 June 2009