TMCnet News
Fine imposed after prison data breach [Western Daily Press (UK)](Western Daily Press (UK) Via Acquire Media NewsEdge) The Ministry of Justice has been fined Pounds 180,000 by the data watchdog for serious failings in the way prisons have been handling information relating to inmates, victims and visitors. The Information Commissioner's Office (ICO) served the government department with the penalty following the loss of a back-up hard drive at HMP Erlestoke prison in Wiltshire in May last year. The hard drive, which was not encrypted, contained sensitive and confidential information about 2,935 prisoners, including details of links to organised crime, health information, and history of drug misuse, as well as material about victims and visitors. The ICO's investigation into this blunder discovered the prison service did not realise that an encryption option, designed to protect data on backup hard drives, needed to be turned on to work correctly - meaning information was being insecurely handled at all 75 prisons in England and Wales. The loss of the Wiltshire hard drive followed a similar case in October 2011, when the ICO was alerted to the loss of another unencrypted hard drive containing the details of 16,000 inmates at HMP High Down in Surrey. In response to the first incident, the Prison Service provided new hard drives to 75 jails across England and Wales. ICO head of enforcement Stephen Eckersley said: "The fact that a government department with security oversight for prisons can supply equipment to 75 prisons throughout England and Wales without properly understanding, let alone telling them, how to use it, beggars belief. The result was that highly sensitive information was insecurely handled for over a year." The number of prisons that had unsecured hard drives 75 (c) 2014 ProQuest Information and Learning Company; All Rights Reserved. |