• Plain English Guide to FOI launched
  The Information Commissioner has today published a new plain English Guide to Freedom of Information to help public authorities better understand what the Act says and how to apply it. The guide takes a straight-forward look at the law and explains in simple terms what organisations need to do to comply, including how to respond to requests and deciding what information they should routinely publish.

• Too many consumers being denied access to their information, says ICO
  Too many consumers are being denied the right to access the information that companies or public bodies hold about them, Information Commissioner, Christopher Graham, said today.

Praxis Care Limited lost the unencrypted material last August but the details have just emerged.

A care provider has lost a memory stick that held sensitive personal information about 53 people from Northern Ireland.

Praxis Care Limited lost the unencrypted material last August but the details have just emerged.

The company has been found to be in breach of the Data Protection Act and has been ordered by the Information Commissioner to improve its procedures.

All of those whose information was on the memory stick have been informed.

It was lost on the Isle of Man and also contained information about 107 people who live on the island.

Some of the information on the memory stick related to patients’ care and mental health.

The company now ensures all portable devices are encrypted and has updated its method of disposing of sensitive material.

Christopher Graham, the UK Information Commissioner, said: “Carrying people’s personal information around on an unencrypted memory stick is clearly unacceptable.

“The fact that some of the personal details stored on the device were out of date and so surplus to requirements makes this breach all the more concerning.

“The ICO will continue to work closely with other data protection regulators where it is clear that a data breach extends across national boundaries.”

In a statement, Praxis Care said: “Praxis Care can confirm it has agreed with the Information Commissioner measures to improve data security following the loss of service user information in August 2011 on the Isle of Man.

“The main element of the undertaking confirms the measures taken shortly after the incident to encrypt data and improve data handling.

“The data loss was promptly reported to the relevant authorities including the Information Commissioner. All service users affected were informed of the details of the lost information and received an apology from Praxis Care.

“Praxis Care is confident that the measures taken will greatly reduce the risk of future information loss.”

Note from the editor: Ensuring your portable data is encrypted is very simple and extremely cost effective. Consider the time / costs of having to inform all concerned and the potential of hefty fines from the ICO against the cost of a few IRONKEYS. Also, organisations should consider the potential damage to their reputation which could far exceed the cost of data breach remediation.

BACK to IRONKEY NEWS

• Action taken after care provider lost unencrypted memory stick
  A care provider with offices in Northern Ireland and the Isle of Man has taken action to improve its data protection practices following a joint ruling by the Information Commissioner’s Office and the Office of the Data Protection Supervisor.

• Health worker convicted of obtaining patient details unlawfully
  A former health worker has pleaded guilty to unlawfully obtaining patient information by accessing the medical records of five members of her ex-husband’s family in order to obtain their new telephone numbers.

• Receptionist unlawfully accessed sister-in-law’s medical details
  A receptionist who unlawfully obtained her sister-in-law’s medical records in order to find out about the medication she was taking has been found guilty of an offence under section 55 of the Data Protection Act.

• ‘Must try harder’ on cookies compliance, says ICO
  Website owners ‘must try harder’ on complying with the new cookies law the ICO said today, as it published its half term report on enforcing the new rules.

• ‘Significant progress’ made in spam texts investigation, says ICO
  ‘Significant progress’ has been made in identifying those responsible for sending spam texts, the Information Commissioner’s Office (ICO) said today. The update comes as figures from the ICO’s consumer survey show that 95% of people find spam texts either inconvenient, concerning or distressing.

• Powys County Council fined £130,000 for disclosing child protection case details
  The ICO has today served a monetary penalty of £130,000 to Powys County Council for a serious breach of the Data Protection Act where the details of a child protection case were sent to the wrong recipient.

• Estate agent prosecuted for offence under the Data Protection Act
  An estate agent yesterday pleaded guilty to the offence of failing to notify the Information Commissioner’s Office (ICO) that his business processes personal data.