London NHS Trust fined £90,000 for serious data breach
21 May 2012
Central London Community Healthcare NHS Trust has been fined £90,000 following a serious breach of the Data Protection Act, the ICO announced today.
ICO to revise publication scheme requirements
17 May 2012
The ICO has today announced that new changes will be made to the information public authorities will need to release proactively as part of their publication scheme.
Council fined £70,000 for losing highly sensitive data
16 May 2012
The London Borough of Barnet has been issued with a penalty of £70,000 for losing paper records containing highly sensitive and confidential information, including the names, addresses, dates of birth and details of the sexual activities of 15 vulnerable children or young people.
ICO statement on the Draft Communications Data Bill
9 May 2012
The ICO has issued a statement in response to the Draft Communications Data Bill.
ICO statement on the NHS Risk Register ministerial veto
8 May 2012
The ICO has issued a statement in response to the news that the Secretary of State for Health, Andrew Lansley, will be imposing the ministerial veto in relation to the disclosure of the NHS Risk Register.
ICO issues first penalty to the NHS following serious data breach
30 April 2012
A Welsh health board has become the first NHS organisation to be served a monetary penalty following a serious breach of the Data Protection Act, the ICO said today.
ICO report finds many people becoming a ‘soft touch’ for online fraudsters
25 April 2012
The ICO is urging consumers to take better care of their data, following an investigation into the trade in used hard drives. The ICO has published new guidance to help individuals securely delete personal information from their old devices.
ICO statement: London Marathon website possible data breach
24 April 2012
The ICO has responded to reports of a possible data breach on the London Marathon website.
ICO statement: response to concerns over Cabinet Office data sharing proposals
24 April 2012
The ICO has published a statement in response to concerns over Cabinet Office data sharing proposals.
Leicestershire County Council in data breach
17 April 2012
Leicestershire County Council have breached the Data Protection Act, following the theft of a briefcase containing sensitive personal data from a social worker’s home, the Information Commissioner’s Office said today.
Online security flaw leads to data breach at Toshiba
17 April 2012
Toshiba Information Systems (UK) have breached the Data Protection Act (DPA) after the personal details of 20 competition entrants were compromised by a security flaw on their website, the Information Commissioner’s Office (ICO) said today.
ICO statement on Operation Motorman
10 April 2012
The ICO has published a statement in response to the publication of material from the Operation Motorman files.
ICO statement: Response to concerns around government plans to monitor online communications and calls
2 April 2012
The ICO has responded to concerns around government plans to monitor online communications and calls.
Company directors use council employee to illegally access tenants’ details
30 March 2012
A Slough letting agent and one of its directors who unlawfully obtained details about their tenants from a rogue employee at Slough Borough Council have been found guilty of committing offences under Section 55 of the Data Protection Act 1998 (DPA).
Warwickshire-based company in medical data breach
27 March 2012
A Warwickshire-based company has committed to taking action to protect personal data, following a breach of the Data Protection Act (DPA).
Government departments speed up FOI response times – but six new public authorities told to improve
20 March 2012
The Information Commissioner has today welcomed improvements by the Ministry of Defence (MoD) and the Cabinet Office in their response times to freedom of information (FOI) requests. But, six more public authorities, including the Welsh Government, have been required to sign undertakings committing them to speeding up the time it takes to respond to requests.
Lancashire Constabulary receives penalty after loss of missing person’s report
14 March 2012
The ICO has served a monetary penalty of £70,000 to Lancashire Constabulary after papers containing sensitive information about a 15 year old girl were found on a street in Blackpool. This is the first penalty the ICO has served to a police force.
Scottish charity signs ICO undertaking following personal data theft
9 March 2012
A Scottish charity - based in Glasgow - breached the Data Protection Act after two unencrypted memory sticks and papers containing the personal details of up to 101 individuals were stolen from an employee’s home.
ICO statement on Department for Education decision notice
2 March 2012
The ICO has published a statement regarding a decision it issued in the case involving a request for information in an email sent by the Secretary of State for Education on a private email account.
University published personal data in online training manual
1 March 2012
Durham University breached the Data Protection Act after disclosing personal information in training materials published on its website, the ICO said today.
The Information Commissioner presents ministerial veto report to Parliament
29 February 2012
The Information Commissioner has presented a report to Parliament setting out his response to Attorney General, Dominic Grieve’s, recent freedom of information veto.
Letting agent unlawfully tried to access tenant’s benefit details
27 February 2012
A letting agent who unlawfully tried to obtain details about a tenant’s finances from the DWP has been found guilty of an attempt to commit an offence under section 55 of the Data Protection Act and the Criminal Attempts Act.
Private detectives jailed for blagging: ICO statement
27 February 2012
The Information Commissioner has published a statement in response to today's convictions under the Fraud Act.
Council fined for serious email disclosure
15 February 2012
Cheshire East Council has been ordered to pay a monetary penalty of £80,000 for failing to take appropriate measures to ensure the security and appropriateness of disclosure when emailing personal information, the ICO said today.
Councils fined for serious data breaches
13 February 2012
The ICO has served monetary penalties totalling £180,000 to two councils for failing to keep highly sensitive information about the welfare of children secure. These latest penalties bring the total amount served by the ICO to organisations found in serious breach of the Data Protection Act to over one million pounds.
Councils must take data protection seriously, Information Commissioner warns
10 February 2012
Five councils breached the Data Protection Act by failing to keep people’s personal information secure, Information Commissioner, Christopher Graham, said today.
ICO statement on Devolution minutes
8 February 2012
The ICO has published a response to the government's decision to veto disclosure of minutes from the Cabinet Committee on Devolution.
Financial company loses over 600 customers’ details
3 February 2012
A financial services company with operations in the UK, USA and Middle East breached the Data Protection Act by losing over 600 customers’ personal details, the ICO said today.
Plain English Guide to Freedom of Information launched
30 January 2012
The Information Commissioner has today published a new plain English Guide to Freedom of Information to help public authorities better understand what the Act says and how to apply it.
Midlothian Council handed penalty for five serious data breaches
30 January 2012
The ICO has imposed a monetary penalty of £140,000 on Midlothian Council for disclosing sensitive personal data relating to children and their carers to the wrong recipients on five separate occasions. The penalty is the first that the ICO has served against an organisation in Scotland.
Too many consumers being denied access to their information, says ICO
27 January 2012
Too many consumers are being denied the right to access the information that companies or public bodies hold about them, Information Commissioner, Christopher Graham, said today.
ICO statement: Initial response on the proposal for a new general Data Protection Regulation
25 January 2012
The ICO has issued a statement on the European Commission's proposal.
Action taken after care provider lost unencrypted memory stick
18 January 2012
A care provider with offices in Northern Ireland and the Isle of Man has taken action to improve its data protection practices following a joint ruling by the Information Commissioner’s Office and the Office of the Data Protection Supervisor.
Health worker convicted of obtaining patient details unlawfully
12 January 2012
A former health worker has pleaded guilty to unlawfully obtaining patient information by accessing the medical records of five members of her ex-husband’s family in order to obtain their new telephone numbers.