Elaine Edwards reports:
Three large insurance companies have pleaded guilty to illegally using social welfare information on individuals which they obtained through a private investigator.
FBD, Zurich and Travelers Insurance all pleaded guilty to 10 sample charges each after they were prosecuted for breaches of the Data Protection Act.
The prosecutions followed a complaint from the Department of Social Protection in December 2010 after it emerged an official in a regional office had allegedly been providing personal information on individuals to other parties. The Department had noticed an unusual pattern of access to its systems by the official concerned, in conjunction with phone calls from the official to two particular numbers.
[…]
Information found at the insurance firms, which the Department of Social Protection subsequently confirmed was from its records, included individuals’ dates of birth, PPS numbers, addresses, employment history and information on claims made from the department.
While the individuals whose personal information was exposed were not named in court, the court heard that in a number of cases the details obtained by the insurance companies also included information on spouses.
[…]
In total, the details of about 70-80 individuals are understood to have been accessed. About 15 people were the subjects of the 30 sample charges to which the companies pleaded.
All three companies offered to make donations of €20,000 to charity. They will also pay the Data Protection Commissioner’s legal costs.
Read more on Irish Times.
Would be nice to know how much money the insurance companies saved by using/misusing the information. Is €20,000 more than their costs and savings combined or did they still benefit financially by the illegal action?
They can say they accessed 70-80 people, but I wonder what the total number of people they had in front of them. If they contacted several people, they could come up with trends, analyze the information for a decent output and contact them without relating to the files at all.
20,000 seems a little low, but so is the amount of people affected. I guess you have to start somewhere. At least they seem to fine on a regular basis, and they have been “marked” as a corporation that can have shady practices. I just hope that part is clear and available to all.
Charity Donation? I wonder – will they write that off and boast a Press Release when they donate it? I think it should go towards at IT based cahritable organization, or a scholarship program for an IT based degree, with cashola managed by the state.
If the courts would have made them pay for a 3rd party auditing of how things are working within the company pertaining to security and trust issues, maybe more would be uncovered. = X