From the what-the-HELL-were-they-thinking department:
A former local authority education worker who illegally shared personal information about schoolchildren and their parents has been prosecuted.
Samira Bouzkraoui, 24, took a screenshot of a council spreadsheet concerning children and their eligibility for free school meals before sending it to the estranged parent of one of the pupils via Snapchat.
The image included the names, addresses, dates of birth and National Insurance numbers of 37 pupils and their parents. She also sent a copy of a school admission record relating to another child.
The defendant was at the time employed as an apprentice in the schools admissions department of Southwark Council and had received training in data protection. She declined to answer any questions when interviewed by the Information Commissioner’s Office (ICO).
Bouzkraoui, of Scovell Road, London, appeared before Westminster magistrates and admitted three offences of unlawfully obtaining and disclosing personal data, in breach of s55 of the Data Protection Act 1998. She was fined £850 and was also ordered to pay £713 costs.
ICO Criminal Enforcement Manager Mike Shaw said:
“This is yet another example of how people whose jobs give them access to personal data can end up in serious trouble after allowing temptation to get the better of them.
”Parents have the right to know that their personal information, and that of their children, is being treated with respect and in accordance with the law. Anybody who ignores that right and that law has to accept the consequences.”
SOURCE: Information Commissioner’s Office
So what has Southwark Council done to prevent this from happening again? Everyone tells me that councils have very few resources on infosecurity, so…..?