‘Shockingly lax attitudes’ to confidential information found at councils - and Peterborough City Council is one of the worst offenders

Peterborough City Council news from the Peterborough Telegraph - peterboroughtoday.co.uk, @peterboroughtel on Twitter, Facebook.com/peterboroughtoday
Peterborough City Council news from the Peterborough Telegraph - peterboroughtoday.co.uk, @peterboroughtel on Twitter, Facebook.com/peterboroughtoday
Have your say

Peterborough City Council reported more data breaches in a three year period than almost any other authority in the UK new research has found.

A study discovered sensitive personal information has been lost or stolen in thousands of data breaches by councils, Peterborough being ranked as the fourth worst offender nationwide, recording 160 instances of data being breached between April 1, 2011 and April 1, 2014.

Local authorities nationwide recorded a total of 4,236 data breaches in three years from April 2011 - a rate of almost four every day, the study by privacy campaign group Big Brother Watch found.

Find out more about Big Brother Watch at bigbrotherwatch.org.uk.

Sensitive or confidential information was compromised in 260 of the cases, while breaches involved personal data linked to children on 658 occasions.

In some cases council staff were found to have accessed material “for personal interest”.

Big Brother Watch called for custodial sentences to be introduced for the most serious data breaches after finding just one in 10 resulted in disciplinary action and only one led to a prosecution.

Director Emma Carr said: “Despite local councils being trusted with increasing amounts of our personal data, this report highlights that they are simply not able to say it is safe with them.

“A number of examples show shockingly lax attitudes to protecting confidential information. For so many children and young people to have had their personal information compromised is deeply disturbing.

“With only a tiny fraction of staff being disciplined or dismissed, this raises the question of how seriously local councils take protecting the privacy of the public.”

The report, based on responses to freedom of information requests, said data was lost or stolen on 401 occasions, while there were 628 instances of incorrect or inappropriate information being shared on emails, letters and faxes.

More than 5,000 letters were sent to the wrong address or included content meant for another recipient, while there were 99 cases of unauthorised access to or disclosing of data.

Researchers also found that a total of 197 mobile phones, computers, tablets and USBs were lost or stolen.

More than two in three incidents led to no disciplinary action at all, while staff resigned in 39 cases and 50 employees were dismissed.

A Peterborough City Council spokesman said: “The vast majority of breaches are very low in terms of the number of people affected, which illustrates how effective our reporting is.

“We have invested a lot of time into staff training to raise awareness, and this has led to a significant drop in breaches over the last 12 months.

“We treat the data we hold very seriously and will continue to take a tough approach on data breaches, acting quickly if a future breach occurs.”

Examples of breaches include:

- A social worker at Lewisham City Council accidentally left a bundle of papers on the train. It included personal or sensitive data relating to 10 children such as detailed confidential records about the children and family with names, addresses and dates of birth. It also included “third party information” in relation to sex offenders as well as police reports and child protection reports. The individual resigned during disciplinary procedures.

- A CCTV operator at Cheshire East Council watched part of the wedding of a fellow member of their team. They were issued with “management instruction” on future use of equipment.

- An unencrypted laptop containing the details of 200 schoolchildren was stolen from Aberdeenshire City Council. It was later recovered. No disciplinary action was taken but the matter was reported to the Information Commissioner’s Office.

- An employee at Thanet in Kent was dismissed after accessing benefit claim records “inappropriately”.

- In Portsmouth a member of staff was sacked for passing “highly sensitive confidential” information to a third party.

Freedom of information requests were sent to all local authorities in the United Kingdom. Big Brother Watch said 167 town halls reported no data breaches at all over the period.

Local authorities that reported the highest number of data breaches -1 April 2011 to April 1 2014, according to Big Brother Watch:

Brighton and Hove 190

Sandwell 187

Telford and Wrekin 175

Peterborough 160

Herefordshire 157

Glasgow City 128

Doncaster 106

Essex 106

Lincolnshire 103

Wolverhampton 100

Hammersmith and Fulham 99