A care provider has lost a memory stick that held sensitive personal information about 53 people from Northern Ireland.
Praxis Care Limited lost the unencrypted material last August but the details have just emerged.
The company has been found to be in breach of the Data Protection Act and has been ordered by the Information Commissioner to improve its procedures.
All of those whose information was on the memory stick have been informed.
It was lost on the Isle of Man and also contained information about 107 people who live on the island.
Read more on BBC. I’m not sure why they say details have just emerged as this breach was reported in the media months ago and covered on this blog.
From the undertaking signed by Praxis Care:
The Isle of Man Data Protection Supervisor (the ‘Supervisor’) and the UK Information Commissioner (the ‘Commissioner’) were both provided with reports about a single incident in August 2011, in which an unencrypted USB stick used as a backup and transfer device by one of the data controller’s employees was lost on the Isle of Man. The device contained some sensitive personal data about 107 data subjects on the Isle of Man, but also contained similar data about 53 data subjects in N Ireland dating from two or more years previously when the employee had worked there.