Categories
Document Scanning

Leicestershire Council files stolen in burglary

Theft of a briefcase from a social worker’s home resulted in sensitive information going missing

Leicestershire County Council has breached the Data Protection Act after files containing the information of 18 cases of child neglect were stolen from a social worker’s home during a burglary, the Information Commissioner’s Office (ICO) has reported.  

The member of staff in question had requested to take the records home in order to continue working on them during the evening, but a break in at their property saw thieves take off with the briefcase that contained the sensitive documents.

Stephen Eckersley, the ICO’s head of enforcement, said: "Local authorities must recognise that social workers are handling some of the most sensitive information available."

"While Leicestershire County Council already recognised the risks associated with home working and had produced guidance for their staff, the guidance did not explain how papers containing personal information should be kept secure."

With the right training and clearer regulations for staff to follow when taking files home, the incident may have been avoided.

And as well as ensuring awareness among employees is high, the Council could have also implemented online legal document storage techniques that protect data and make sure records are only accessible to workers with an internet connection and sufficient clearance.

Considering that some businesses carry out document scanning and then secure their files on a network, the need for physical copies of records to be handed between colleagues is removed, and this is another factor that could have improved the protection of the data.

Such measures would have meant that the member of staff who was responsible for the loss of the files would never have had to take them home in the first place and could have simply logged onto the internet to continue reviewing the information.

Given that there are only so many working hours in the day, employees may often need access to sensitive company information outside of the office, and so these steps could be applied by a range of businesses to enhance security and facilitate staff who carry out extra work in the evenings.