DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

UK: ICO announces two undertakings following theft of sensitive personal data

Posted on July 15, 2015 by Dissent

The Information Commissioner’s Office announced two undertakings today.

The first, involving Western Health & Social Care Trust follows two incidents. One incident concerned the theft of two computers from Trust premises during a burglary on October 8, 2013.  The computer contained sensitive personal data relating to the provision of specialist mental health services by a retired employee. Although investigation determined that the information had been deleted from the desktop, there was a risk it could still be retrieved from the hard drive. So there was unencrypted information that could have: (1) been stored offline, and (2) the Trust could have more securely deleted the sensitive information. 1

The second incident was reported to the ICO in June 2014 after photocopied medical records disclosed to an individual in response to a subject access request (SAR) contained information about two other patients.

You can read the Western Health & Social Care Trust undertaking here (pdf).

The ICO also announced an undertaking had been signed by Rochdale Borough Council. The ICO had been contacted by a member of the public that the individual had found social care papers in a public place. The paper files had been held in a cotton bag and had been stolen from the boot of a social worker’s car between the evening of 5 January and the morning of 6 January 2014. The papers contained personal data relating to 86 individuals. Sensitive personal data, including health, mental health, and sexual offence data was included in the files of 29 of those individuals. On investigation, the ICO determined that the social care worker had violated policy by removing too much information from the office, and, also importantly, had never received data protection training, despite having worked for the council for 18 months by the time of the incident.

You can read the Rochdale Borough Council undertaking here (pdf).

Category: Government SectorHealth DataNon-U.S.Theft

Post navigation

← More than 70 targeted in global takedown of hacker forum Darkode
LA: Customers at Houma buffet victims of $20,000 in credit card fraud →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Texas gastroenterology and surgical practice victim of ransomware attack
  • Romanian Citizen Pleads Guilty to ‘Swatting’ Numerous Members of Congress, Churches, and Former U.S. President
  • North Dakota Enacts Financial Data Security and Data Breach Notification Requirements
  • Pro-Ukraine hacker group Black Owl poses ‘major threat’ to Russia, Kaspersky says
  • Vanta bug exposed customers’ data to other customers
  • Lyrix Ransomware Targets Windows Users with Advanced Evasion Techniques
  • Central Maine Healthcare tackles suspected cybersecurity issue; hospitals remain open
  • Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed
  • Beyond the Pond Phish: Unraveling Lazarus Group’s Evolving Tactics
  • Akira doesn’t keep its promises to victims — SuspectFile

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Supreme Court Agrees to Clarify Emergency Situations Where Police Don’t Need Warrant
  • Stewart Baker vs. Orin Kerr on “The Digital Fourth Amendment”
  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.