What
Loss of sensitive personal data.
How much
About 1,500 records.
Why
A unencrypted USB memory stick containing the personal data of pupils was found by a member of the public.
Regulator
ICO
Regulatory action
Undertaking issued to ensure that all storage devices must be sufficiently encrypted. All staff must receive adequate training in order to fulfil their obligations under such a policy.
Reason for action
The USB stick was of poor quality and unencrypted. It does not appear to have been missed and adequate relevant policies and staff training were not in place.
When
20 April 2009
Links
View PDF of the Leasowes Community College Undertaking (Breach Watch Archive)