|Inappropriate disclosure of sensitive personal data on five separate occasions.
|Personal data relating to children and their carer were sent to the wrong recipients on five separate occasions.
|Monetary penalty of £ 140,000
|30 01 2012
Why the regulator acted
|Breach of act
|Multiple letters were sent to the wrong recipient.
Inappropriate organisational and technical measures.
|Known or should have known
|Following the first breach the risk was clear, yet 4 more breaches occurred over the next month.
|Likely to cause damage or distress
|Personal information of vulnerable individuals.
|View PDF of the Midlothian Council Monetary Penalty Notice (Breach Watch Archive)
|View PDF of the Midlothian Council Monetary Penalty Notice (Via ICO Website)