Hounslow Council

Breach details

What Loss of sensitive personal information.
How much 698 records.
When 2010
Why Theft of unencrypted laptop from staff member’s home. There was no written contract in place with Ealing Council who processed the data.

Regulatory action

Regulator ICO
Action Monetary penalty of £ 70,000
When 8 February 2011

Why the regulator acted

Breach of act Theft of unencrypted laptop.
Inappropriate organisational and technical measures.
Known or should have known There were no policies requiring the encryption of laptops and the data processors policies were not monitored, despite the data controller having their own Information Security Policy.
Likely to cause damage or distress Personal information of clients.