Gateshead Council has admitted 19 data breaches in the 10 months following the introduction of the General Data Protection Regulations (GDPR). This series of breaches vary widely from psychologist’s reports being sent to the wrong address to a council worker losing a notebook containing a person’s information.
Despite admitting these breaches publicly, due to their nature Gateshead Council only had to report two of them to the Information Commissioner’s Office (ICO). One breach involved council workers uploading personal medical details of individuals to an online forum, however the ICO did not issue a fine in this case as the forum was only used by health professionals who were bound by a duty of confidentiality. The ICO has yet to rule on the other breach, which involved the names and addresses of 53 people owing money to the council being sent to an individual who is also in council tax arrears.
A representative of the council admitted that, ‘any organisation that deals with data will get breaches’. Gateshead Council has been giving training to their staff in response to the breaches, and those responsible for the errors have been reminded to keep addresses updates and double-check their work before pressing ‘send’.
Other breaches also included a fostering agency being sent information regarding a child that they were not in care of, a report sent in error by email to a solicitor and nine separate cases of correspondence regarding housing benefits or council tax being sent to the wrong recipients.
Although Gatehead Council are yet to be fined by the ICO, their actions have still led to the breach of personal data. If you’ve suffered as the result of this data breach, or one of a similar kind, then you can get in touch with us to find out how we could help you seek compensation against those who are to blame.
This story was originally published by the BBC.