Treasury lawyers escape ICO fine

The Treasury Solicitor’s Department, which provides government legal services, has got away with a slapped wrist despite four separate blunders which exposed a cavalier attitude to handling personal data.
The department – which could have faced a fine of up to £500,000 – has instead been given six months to improve its data protection practices after an investigation by the Information Commissioner’s Office.
Between August 2011 and November 2012 the department incorrectly disclosed the personal information of individuals to third parties on four separate occasions.
In three of the cases, papers relating to various litigation cases were sent out to the claimants’ solicitors, while still containing the personal information of third parties that should have been redacted. In the fourth case, a bundle of case papers relating to an unfair dismissal case were sent to a complainant, but contained the personal data of an individual pursuing a separate claim.
The ICO has issued an undertaking that requires the Treasury Solicitor’s Department to improve its processes when redacting documents. This includes providing staff with a clear documented procedure to follow when preparing information for disclosure and providing a mandatory and comprehensive training programme for all new and existing staff.
ICO head of enforcement Stephen Eckersley said: “Data security is only as good as the weakest link in the chain. In this case, the Treasury Solicitor’s Department provided guidance to staff on how to prepare documents for disclosure, but there were clear gaps in the information provided and it wasn’t understood by their staff. This led to a series of data breaches over a 16 month period that could easily have been avoided.
“The nature of the work carried out by the Treasury Solicitor’s Department means that they should have recognised that they were failing in their legal duty to keep people’s information secure. However, delays in addressing these issues allowed further breaches to occur, which has resulted in today’s agreement between our office and the department to improve its practices.”