Mis-sent emails cost Stoke council £120,000

The Information Commissioner’s Office has fined Stoke-on-Trent City Council £120,000 for a breach of the Data Protection Act.

In December last year, a solicitor at the council sent 11 emails containing "highly sensitive" information relating to a child in care to the wrong address.

"The ICO’s investigation found the solicitor was in breach of the council’s own guidance which confirmed that sensitive data should be sent over a secure network or encrypted," it said in a statement.

"However, the council had failed to provide the legal department with encryption software and knew that the team had to send emails to unsecure networks. The council also provided no relevant training."

It also pointed out that a similar breach had occurred in 2010, but the issue had not been resolved.

"The council has now introduced new measures to improve the security of information sent electronically, as well as signing a legal notice to improve the data protection training provided to their staff," the ICO said. "This should limit the chances of further personal information being lost.”

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics