Two incidents of disclosure of sensitive personal information.
Information sent to incorrect email addresses.
Undertaking issued to ensure that the Council’s IT policy specifically makes it clear that data is not to be sent to personal emails.
Reason for action
Both incidents saw staff fail to adhere to the Council’s IT policy, regarding the encryption of data. However the policy did not explicitly prevent the sending to data to personal emails.
10 August 2011.