|What||Loss of sensitive personal information.|
|How much||698 records.|
|Why||Theft of unencrypted laptop from staff member’s home. There was no written contract in place with Ealing Council who processed the data.|
|Regulator||ICO||Action||Monetary penalty of £ 70,000|
|When||8 February 2011|
Why the regulator acted
|Breach of act||Theft of unencrypted laptop.
Inappropriate organisational and technical measures.
|Known or should have known||There were no policies requiring the encryption of laptops and the data processors policies were not monitored, despite the data controller having their own Information Security Policy.|
|Likely to cause damage or distress||Personal information of clients.|
|View PDF of the Hounslow Council Monetary Penalty Notice (Breach Watch Archive)|
|View PDF of the Hounslow Council Monetary Penalty Notice (Via ICO Website)|