Search

How can we help?

Icon

“Systematic Failings” on Data Protection leads to a £15,000 fine

Following on from the case reported last month on data protection (”Failing to anonymise – the cost”), a nursing home in Northern Ireland has received a fine of £15,000 from the Information Commissioner’s Office (“ICO”), following the burglary of the home of one of its staff members.

During the burglary, an unencrypted work laptop was stolen. The laptop contained sensitive personal data, including medical information, on the nursing home’s 29 residents (including “do not resuscitate” orders) and personal data on the 46 members of staff.

The ICO’s subsequent investigation found the nursing home had no policies in place regarding the use of encryption, working from home and the storage of mobile devices. Data security training was also found to be lacking. In issuing the fine, the ICO said there had been “systematic failings” at the nursing home.

The fine was issued despite the nursing home referring themselves to the ICO, no complaints being made by any of the staff or residents’ families and no confirmation that the information had been further disseminated. In determining the level of the fine, the nursing home received some credit for having self-reported its breach to the ICO.

The ICO’s subsequent investigation found the nursing home had no policies in place regarding the use of encryption, working from home and the storage of mobile devices.

The amount of the fine reflected the size of the business, with the ICO stating that a bigger organisation experiencing a similarly serious breach should expect to receive a much larger fine. The case therefore acts as a timely reminder that all businesses must take their legal duties to look after personal data seriously and should ensure adequate policies, procedures and equipment are in place.  Simply having a work laptop password protected will not fulfil this duty.

For useful data protection factsheets, checklists and templates, please visit employmentbuddy.com 

For further advice on how to protect your business against data protection and privacy claims, please contact our employment lawyers on employment@clarkslegal.com 

Disclaimer

This information is for guidance purposes only and should not be regarded as a substitute for taking legal advice. Please refer to the full General Notices on our website.

Author profile

About this article

Read, listen and watch our latest insights

art
  • 23 April 2020
  • Immigration

Received a sponsor licence decision – these are the next steps you should take’

The long wait is over, and you now have a sponsor licence decision. If everything was done correctly, you should either have a grant, which means you are now licenced to sponsor migrant workers, or your application has been refused. In this blog, we look at how to deal with these decisions…

art
  • 20 April 2020
  • Immigration

What is a Sponsor licence and why should you apply?

As a part of its immigration system, it requires companies to have a sponsor licence before they can sponsor non-EU employees.

art
  • 17 April 2020
  • Employment

Going global

The Small to Medium Enterprise (SME) sector is vital to building long term economic resilience everywhere, in developed and emerging markets.Leaders cannot, however, work successfully in limited markets that constrain growth. They need to understand and participate in global markets that suit their business.

art
  • 16 April 2020
  • Employment

Furlough Update: Government change calculation date to 19th March

Redundancy should be an employer’s last option when restructuring their business. There are necessary steps that should be taken to ensure that redundancy is the best move forward

art
  • 07 April 2020
  • Immigration

How to sponsor overseas workers

A business will usually consider sponsoring overseas workers when they require a particular skill for their business that cannot be sourced in the UK.

art
  • 01 April 2020
  • Employment

Take a deep breath: Managing stress in the workplace

April 2020 is Stress Awareness Month. Employers should pay attention to how they can best look out for their employees in the workplace particularly during these times of global crisis and alternative working arrangements.