Breach details
| What | Disclosure of personal data. |
| How much | 4 records. |
| When | 06 February 2012, 24 August 2012, 30 August 2012 and 3 January 2013. |
| Why | Three of these breaches involved case files containing un-redacted third party personal information to a claimant’s solicitor and the claimant themself. The fourth breach involved the sending of a case of papers relating to an unfair dismissal claim to an individual, although the papers contained personal information relating to another individual’s claim. All four of these breaches were self-reported. The Solicitor’s Department have some measures in place to safeguard personal data but there are gaps which are preventing further compliance. |
Regulatory action
| Regulator | ICO | Action | Undertaking to comply with the seventh data protection principle. |
| When | 26 February 2014. |
| Details | The Solicitor’s Department is to implement a clear, documented procedure for the preparation of information for disclosure within six months, as well as creating a structured, formal procedure concerning communication requirements between Junior and Senior lawyers carrying out the disclosure process. Mandatory training about the requirements of the Act is also to be given to all staff. |
Links
| View PDF of the Treasury Solicitor’s Department Undertaking (Breach Watch Archive) |
| View PDF of the Treasury Solicitor’s Department Undertaking (Via ICO Website) |