The London Borough of Sutton has been told to encrypt mobile devices and train staff after a run of incidents in which it has lost people's personal information.
The Information Commissioner's Office has reprimanded the borough after it lost a paper file with data on 73 social-care clients and had two unencrypted laptops stolen.
The first, taken from a locked cupboard in a children's hospital, contained information on nine children being taught by an LB Sutton teacher, while the second, which had social-care data on 39 people, was stolen from an employee's home.
In the undertaking signed by the council's chief executive Paul Martin, the ICO noted that nine administrative computers used to access data on network servers have been stolen. These may have contained downloaded files, although this is in breach of policy.
The undertaking requires Sutton to encrypt portable and mobile devices if they hold personal data; use "adequate" physical security measures to protect information; ensure the borough's policies on storing and using personal data are followed; and run awareness work and training for staff on those policies.
"I urge all organisations to implement the appropriate safeguards to ensure personal details are stored and processed securely," said Sally-Anne Poole, the ICO's head of enforcement and investigations, adding that she was pleased with the remedial action LB Sutton has agreed to undertake.
Talkback
Why oh why do they haft to to be told this! there like baby's you haft to take by the hand all the time, I bet they never even blocked them stolen laptops from the server side either.
Complete idiots.