ICO fine Cardiff Prison after intimate details of prisoners is released
Following a severe data breach, the Ministry of Justice (MoJ) has been fined £140,000 by the ICO. The MoJ risked the safety of 1,182 prisoners and their families as detailed information was sent via email to relatives of current inmates. The information sent contained the prisoner’s home addresses, their release dates and details of offences.
Upon investigation it was found that prisoner files were stored on unencrypted floppy disks and that no audit trail information was kept. In addition, there was a clear lack of management by the prison as the clerk had limited experience, minimal training and often worked unsupervised. The Data Protection Act requires that any personal information held by an organisation must be appropriately stored and if that data were to cause distress to those it refers to, then it must be encrypted. David Smith, Deputy Commissioner and Director of Data Protection voiced that “the potential damage and distress that could have been caused by this serious data breach is obvious”. Fortunately, this data breach has been localised yet had the data fallen into the wrong hands, the welfare risk to prisoners and their families would have been great.
Can you risk not securely encrypting your data? The consequences are far reaching and involve long term reputation damage, loss of business and expensive fines. Redstor is 100% privately UK owned and based, and can guarantee your data privacy will not be breached. We store data in 2 geographically separate and highly secure UK data centres and your data is encrypted prior to transit, so only you can access it. Your data remains encrypted at all times whilst on our platforms; there is therefore no risk of the data being read by an unauthorised 3rd party.
Security and data protection are at the forefront of Redstor’s offerings and we promise full compliance with the Data Protection Act. Redstor’s online backup service ensures data is safely backed up offsite in an encrypted format. Our cloud sync and share service, Centrastor, enables organisations to store and share files securely online from any device with an Internet connection and our CentraStage service enables support providers to guarantee that devices they support are regularly audited, patched and safely up-to-date for effective endpoint management. Our virtual disaster recovery service guarantees to have your systems up and running within minutes following a disaster. To find out more about our services and how we can help you comply with data protection laws and prevent data leakage, please contact us either by giving us a ring on 01189 515 200 or emailing [email protected].