Data Blunder within Wolverhampton Council Leads to Details of 10,000 People Being Leaked
30th August 2016
The Information Commissioner’s Office has reported that some 9,858 workers payroll information has been mistakenly disclosed to a ‘third party’ source by the authorities due to an email ‘oversight’.
Employee’s from 73 various educational establishments have seen themselves become victim to the accident, which the commissioner’s office revealed occurred last year. The council of Wolverhampton have not divulged as to whether the data relates directly to the city’s teachers and schooling staff, and they have not yet confirmed whether those potentially affected have been informed of the leak.
Those in higher positions of power within the authorising body have now been given instructions to make staff take regular ‘refresher’ training sessions in how to handle data and data protection, as part of an ‘undertaking’ signed by managing director Keith Ireland, which also requests that the training sessions are monitored more closely.
In response to the incident, the report conducted by the Information Commissioners Office revealed that “The Information Commissioner was informed by the data controller on January 5, 2016, that personal information of employees at 73 educational establishments was sent in error to an external recipient via email. The information was held on a spreadsheet and contained personal data.
“On November 26, 2015, the data controller (Wolverhampton council) asked for a report to be produced by its payroll department. Due to an oversight the personal data of 9,858 data subjects was emailed to an external recipient. During the commissioner’s investigation, the data controller informed him that data protection training for staff members is mandatory on induction, and should be refreshed at regular intervals.
“However, the commissioner’s probe also revealed that the council does not have a reliable method of monitoring the completion of refresher training.”
The news comes just two years after the council was rebuked for its ‘startling’ failure to ensure that all staff members are training in data protection.
In 2014, the commissioners served as ‘enforcement notice’ onto the council of Wolverhampton with a warning that staff must be trained within 50 days.
As a result of the enforcement, the council then sent 5,785 of its employees and all 60 of their councillors for training, following the concerns.
The new reports following this recent incident said “The commissioner is satisfied that the terms of the enforcement notice were met. However, the commissioner remains concerned at the data controller’s failure to establish an effective mechanism to monitor and implement refresher training.”
Council spokesman Paul Brown said: “The City of Wolverhampton Council takes its responsibilities to comply with the requirements of the Data Protection Act and recommendations made by the regulator extremely seriously and have put in place a number of robust actions and procedures to address this isolated incident.”
Data Protection is vital to maintaining customer trust. Here at XPO confidentiality and customer assurance is our main priority. We offer a service that customers can have confidence and trust in.
“XPO have always provided a Reliable, efficient and easy to use service. Always on time and professional with the disposal of equipment.”
- Property Consultant, Birmingham Property Consultancy
Read full article here: http://www.expressandstar.com/news/2016/07/23/wolverhampton-council-in-data-leak-blunder/