|Sensitive personal data incorrectly made available on a planning portal
|Two records. This included birth details, private telephone numbers and personal medical information in one case, and physical and mental health details in the other.
|An individual’s personal information was made publicly available via a planning portal on the Council’s website. This occurred after documents were given the wrong planning reference number and then placed in an open access, rather than secure, folder. As a result personal information was not deleted from the documents prior to them being posted. In addition to this incident, a record held in the Council’s social care database was compromised by the inappropriate actions of two employees. A local governmental reorganisation in April 2009 had left Central Bedfordshire Council and the data controller with non-relevant records which were in the process of being removed at the time of the incident.