Thursday, February 19, 2015
Welsh councils breached data laws 100 times in 2014
The BBC report that Welsh councils broke data protection laws 100 times in 2014, but this is a fall compared with the previous year.
They say that breaches include a list of addresses being lost in the street, personal data sent to the wrong address and records being found by a member of the public:
The law was broken 135 times in 2013 and 60 times in 2012.
Powys recorded the highest number of breaches in 2014 with 41 while Anglesey, Bridgend, Ceredigion, Merthyr Tydfil and Neath Port Talbot had none.
BBC Wales submitted a Freedom of Information request to all 22 Welsh councils and 19 responded.
Blaenau Gwent and Caerphilly failed to respond while Swansea did not deal with the request, saying details of data protection breaches are not recorded centrally.
These things happen of course. I am aware of at least one breach by Swansea Council for example. But that does not excuse them. All data controllers under the Data Protection Act have a duty to take precautions to prevent these breaches from happening.
They say that breaches include a list of addresses being lost in the street, personal data sent to the wrong address and records being found by a member of the public:
The law was broken 135 times in 2013 and 60 times in 2012.
Powys recorded the highest number of breaches in 2014 with 41 while Anglesey, Bridgend, Ceredigion, Merthyr Tydfil and Neath Port Talbot had none.
BBC Wales submitted a Freedom of Information request to all 22 Welsh councils and 19 responded.
Blaenau Gwent and Caerphilly failed to respond while Swansea did not deal with the request, saying details of data protection breaches are not recorded centrally.
These things happen of course. I am aware of at least one breach by Swansea Council for example. But that does not excuse them. All data controllers under the Data Protection Act have a duty to take precautions to prevent these breaches from happening.
