NCL (Bahamas) Ltd

Loss of personal data.

How much
80 records.

A computer printout containing payroll information relating to the data controller’s UK employees was believed to have been stolen during an office move.


Regulatory action
Undertaking issued to ensure that physical security measures are at all times adequate to prevent unauthorised access to personal data. Staff must be made aware of and trained to follow the data controller’s policy for the storage, use, retention, or disposal of personal data. Adequate provision must be made for the secure transfer of personal data and procedures for this must be communicated to all staff, including removal contractors, in advance of any future office move or reorganisation.

Reason for action
The records were believed to have been stolen and were not suitably secure.

26 April 2010

View PDF of the NCL (Bahamas) Ltd Undertaking (Breach Watch Archive)