A social care charity has been served a monetary penalty of £70,000 after highly sensitive information about the care of four young children was lost after being left outside a London home, the Information Commissioner’s Office (ICO) announced today.
A social worker, who worked for Norwood Ravenswood Ltd, left the detailed reports at the side of the house on 5 December 2011 after attempting to deliver the items to the children’s prospective adoptive parents. At the time neither occupant was at the house, but when they returned to the property the reports were gone. The information has never been recovered.
The reports contained sensitive information, including details of any neglect and abuse suffered by the children, along with information about their birth families. The ICO’s investigation found that the social worker had not received data protection training, in breach of the charity’s own policy, and received no guidance on how to send personal data securely to prospective adopters.
Read more on the ICO’s site. The monetary penalty provides a somewhat fuller picture of the incident:
On 5 December 2011, a social worker employed by the data controller (which was acting in this case as an adoption agency) obtained from two local authorities background reports relating to four children (aged 5 or 6) who were in care, so that she could inform the prospective adopters of any potential issues that may arise when caring for the children. The social worker went that evening to the home of the prospective adopters (a couple) to deliver the background reports by hand, but they were both out. The package would not fit through the letter-box so the social worker telephoned the prospective adopters to inform them that she had left the package in a concealed area at the side of the house. When the prospective adopters returned home approximately 30 minutes later the package had disappeared.
So very human…. but so very wrong.