What

Loss of sensitive personal information.

How much

17 records.

Why

Theft of two unencrypted laptops from the Medical Day Centre.

Regulator

ICO

Regulatory action

Undertaking issued to ensure that additional measures are put to in place to ensure that data security policies are adhered to consistently. Any portable media must be suitably encrypted, or, if this is impossible due to the functions required, physical security must compensate for the additional risk.

Reason for action

This event followed a previously self reported security breach. The laptops were unencrypted and insufficiently secure.

When

14 July 2010

Links

Birmingham Children’s Hospital NHS Foundation Trust (Via ICO Website)

Birmingham Children’s Hospital NHS Foundation Trust (Breach Watch Archive)

What
Loss of sensitive personal information.

How much
Two records.

Why
Loss of documents containing sensitive personal data included in a plastic wallet with flight and accommodation details given to a social work employee flying to another UK city.

Regulator
ICO

Regulatory action
Undertaking issued to ensure that a proper risk assessment is carried out prior to the removal from the office environment of documents containing sensitive personal data and that they are sufficiently secure in transit.

Reason for action
It was felt that the implications of including the case documents with the travel documents during the journey had been insufficiently considered.

When
8 July 2010

Links

View PDF of Buckinghamshire County Council Undertaking (Via ICO Website)

View PDF of Buckinghamshire County Council Undertaking (Breach Watch Archive)

FCA/FSA (7)	£ 7,777,000
ICO DPA (55)	£ 5,573,500

Breach Watch

Data breaches and regulatory activities

Monthly Archives: July 2010

Birmingham Children’s Hospital NHS Foundation Trust

What

How much

Why

Regulator

Regulatory action

Reason for action

When

Links

Buckinghamshire County Council

Links