A COUNCIL reported four serious personal data breaches to the Information Commissioner’s Office (ICO) last year.
Redcar and Cleveland Council said in a report that two of the breaches involved reports and paperwork being disclosed in error to individuals.
Another involved a “sensitive” report which it was alleged did not arrive at its intended destination, while there had also been one breach which was down to “unauthorised access” and the subsequent disclosure of information that occurred.
Read more: Family want to create Boro 'sea of red' after dad's death
The ICO is the UK’s independent body set up to uphold information rights in the public interest and promotes openness by public bodies, along with data privacy for individuals where required by law.
The report, to members of the council’s governance committee, said the organisation was “content with the actions already taken by the council” and did not require any corrective action.
It said: “The cases were closed without enforcement action or fine, although the council was asked to monitor and report back to the ICO if any detriment was subsequently identified as having been caused.”
General Data Protection Regulation (GDPR) requires all companies and organisations to report certain personal data breaches to the ICO within 72 hours of becoming aware of any breach.
Huge fines can be levied on them if basic principles for processing personal data set out by the law are infringed.
The report said: “It is normal for organisations the size of the council to incur data breaches, given the large amounts of personal data being processed and the presence of human error.
“But the steps the council takes to contain and recover from incidents and provide awareness are key to preventing recurrence.”
Read more: Defra carrying out further tests into crab deaths in the North East
The council said it had a robust reporting process around data breaches and there was a thorough evaluation of the seriousness of each breach reported, along with an assessment and investigation to determine the root cause so improvements to processes, if necessary, could be made.
Sixty data breaches in all between January and December last year were alerted to by staff, although the vast majority did not meet the ICO’s threshold for being reported to them.
A spokesman for the council said: “Any data breach is taken extremely seriously and four data breaches warranted reporting to the Information Commissioners Office in 2021.
“The authority is ensuring all relevant staff are updated on the latest procedures needing to be followed to protect information and data.”
Keep up to date with all the latest news on our website, or follow us on Facebook, Twitter and Instagram.
You can also follow our dedicated Teesside Facebook page for all the latest in the area by clicking here.
For all the top news updates from right across the region straight to your inbox, sign up to our newsletter here.
Have you got a story for us? Contact our newsdesk on newsdesk@nne.co.uk or contact 01325 505054
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here