Lincolnshire County Council is one of the worst offenders in the country for mishandling our personal data according to a shock report that exposes authorities where confidential information is lost, stolen or “used inappropriately”.
Our county council had the ninth highest number of data breaches out of hundreds of British authorities in the three years to April 2014.
Unlike some councils that replied to a Freedom of Information request from Big Brother Watch, Lincolnshire County Council didn’t outline the types of information its employees breached.
Other authorities admitted things like adoption files being kept in a former council employee’s house, disclosure of confidential information relating to a child and “inappropriate comments posted on social media about confidential work matters”.
Lincolnshire County Council had 103 data breaches. One case saw an employee sacked while another incident resulted in disciplinary action – leaving a staggering 101 cases where no disciplinary action was taken.
Only two of Lincolnshire’s district councils, South Kesteven and West Lindsey, had data breaches.
South Kesteven dismissed an employee for accessing “personal information for personal interest” and had a case where an employee resigned during the disciplinary process after being accused of a similar breach.
West Lindsey’s lone case saw an employee disciplined for “inappropriately accessing data from the customer information system”.
Big Brother Watch director Emma Carr said: “Despite local councils being trusted with increasing amounts of our personal data, this report highlights that they are simply not able to say it is safe with them.
“A number of examples show shockingly lax attitudes to protecting confidential information. For so many children and young people to have had their personal information compromised is deeply disturbing.”
Among the campaign group’s findings nationally were:
• 658 breaches involving personal data linked to children
• 628 incidents where wrong or inappropriate information was shared in emails, faxes or letters
• 197 mobile phones, computers, tablets and USBs lost or stolen
• 5,000-plus letters sent to the wrong address or including content meant for another recipient
Lincolnshire County Council’s chief information and commissioning officer Judith Hetherington Smith said: “This report shows that we take the safety of personal information very seriously.
“From 27 English county councils, ten didn’t provide this information.
“We were able to respond because we have a clear process for staff to follow if data protection regulations are breached.
“We record each incident and investigate every one – no matter how minor the breach. Where appropriate we contact people affected by data breaches to advise that an incident has occurred.
“The majority of reported breaches are due to genuine staff errors which are difficult to prevent, however all of our staff already carry out compulsory training in protecting personal information.
“Some of the incidents involved IT equipment being stolen or lost. We encrypt all of our IT devices to make the chances of personal data being retrieved from them very low. We use secure email services to transfer personal information and review our policies regularly to ensure we change our procedures if necessary.”
A South Kesteven District Council spokesman said the authority “cannot comment on individual cases due to confidentiality of disciplinary procedures”.