Title

The handling of sensitive data by councils is far worse than official estimates, CLG has admitted. Following a stinging report by information commissioner Richard Thomas, a senior official at the department warned that the level of data losses by local authorities is worse than was reported. The MJ was told: ‘There is much more to this; 26 local councils are only the start. This is the tip of the iceberg.' Mr Thomas, in a speech on his report, also expressed concern that the lapses he has investigated were only a small fraction of the reality. He said: ‘I recognise that some breaches are being discovered because of improved checks and audits as a welcome result of taking data security more seriously. ‘But the number notified to us must still be well short of the total. ‘How many PCs and laptops are junked with live data? How many staff do not tell their managers when they have lost a memory stick, laptop or disc?' In the latest incident, Scottish Borders Council confirmed it is investigating how the email addresses of hundreds of private landlords were distributed on an electronic email. Whitehall chiefs were also left embarrassed when a Home Office review revealed 38 staff at the Security Industry Authority, which vets security staff, were not vetted themselves. Chief executive Mike Wilson quit as a result. Currently there is no legal obligation on councils to report breaches of security to the commissioner. A spokesman for the Information Commissioner urged the CLG to reveal the extent of the problem. That call was echoed by the Local Government Association, which said: ‘We are extremely keen to have the evidence that CLG has so that we can assertain just how serious this issue is. It is absolutely right that it should be shared with the information commissioner and LGA so we can take urgent steps to ensure people's private data is protected.'

Title

WHITEHALL

Councils' reported data losses are just the 'tip of the iceberg'

SUBSCRIBE TO CONTINUE READING