Lost data concerns at Essex County Council raised by Big Brother Watch
- Credit: Lucy taylor
Privacy campaigners have slammed County Hall as it is revealed information was lost or leaked more than 100 times in three years.
Essex County Council has been ranked as the seventh-equal worst local authority in the UK by Big Brother Watch as a Freedom of Information (FoI) request showed there had been 106 data breaches between April 2011 and April 2014.
A further FoI request made by the East Anglian Daily Times earlier this year showed there had been a further 27 data breaches at the authority from January to April this year, one of which was serious enough to be referred to the Information Commissioner’s Office (ICO).
Two of the breaches in the last year were classed as major or critical, with one involving a service user’s parent alleging incorrect disclosure and loss of information by staff.
A total of 61 other reports were minor or near misses, with 30 of medium risk. Many of these involved emails or letters being sent to the wrong person, with two of the medium-risk incidents involving a stolen computer and unlawful disclosure of criminal convictions.
You may also want to watch:
Big Brother Watch found 4,236 data breaches nationally between April 2011 and April 2014, with Brighton and Hove Council topping the list at 190.
A total of 167 authorities reported no breaches at all, including Babergh, Mid Suffolk, Suffolk Coastal, Waveney and Ipswich councils.
- 1 How Suffolk voted in the county council elections 2021
- 2 First views of £1.5m new seafront cafe as hoardings removed
- 3 Driver convicted of killing friend in A12 crash
- 4 'Complete shock' - Neighbours stunned after cannabis farm uncovered
- 5 When Ipswich boss Cook will inform players of his contract decisions
- 6 Ed Sheeran to be Ipswich Town shirt sponsor for 2021/22
- 7 'It could have been a lot worse' - Thatched home owner thanks crews after fire
- 8 Teaching assistant wins unfair dismissal claim
- 9 Village pub given go-ahead to expand dining area
- 10 Police identify elderly man after incident involving young girl in village
The campaign group has called for custodial sentences to be introduced for the most serious data breaches after finding just one in ten resulted in disciplinary action and only one led to a prosecution, as well as a standardised reporting system.
Among the more bizarre incidents uncovered in the A Breach of Trust report was a CCTV operator at Cheshire East Council who used the cameras to watch part of the wedding of a colleague.
Suffolk County Council saw 93 incidents, of which 73 involved human error.
Just two breaches involved inappropriate access to data, with 18 incidents of data lost or stolen.
The authority involved police 11 times, took disciplinary action in two more and reported two cases to the ICO.
An Essex County Council spokesman said: “Putting these figures into context, Essex County Council is one of the largest local authorities in the country employing around 8,000 staff and proportionally we have much lower figures than other authorities who responded to this FOI.
“As an organisation we take information governance very seriously and this figure is really a sign of the work we have been doing to ensure all breaches are reported, however minor, as this allows us to improve and manage our procedures more effectively.”
Other public sector bodies in Essex have also seen a number of data breaches in the past year according to the East Anglian Daily Times’ FoI request made earlier this year.
Colchester Hospital University Foundation NHS Trust had 38 data breaches in 2014-15, all relating to confidential information, while the previous year there were 39 breaches, one of which involved medical records.
The level was described as “extremely small” in relation to the 700,000 patients treated per year by a trust spokesman, who added data protection and patient confidentiality was taken “extremely seriously”.
The East of England Ambulance Service Trust had 118 data breaches between April 2010 and March this year, with 29 in the past year. Six were deemed serious enough to send to the ICO.
Incidents included sharing personal data, including medical and criminal records with the wrong person or leaving them in an insecure location.
There have been 11 data breaches at Colchester Borough Council since 2012, eight of which were reported to the ICO.
Meanwhile Tendring District Council has seen just six data breaches since 2010, involving letters sent to the wrong recipient and a corrupt hard drive, which was unreadable, being lost.
Essex County Fire and Rescue Service has recorded no data breaches in the past five years.