Feeds

Leicester nursery loses memory stick with children's details

Details of 80 children potentially AWOL

Mobile application security vulnerability report

Parents concerned that new government databases might lead to their children’s data being lost or stolen were this week able to pilot the experience courtesy of a Leicester-based nursery, which appears to have "misplaced" a data stick containing details of children in their care.

At time of writing, Leicester City Council, which is responsible for the nursery, could not confirm whether the stick was lost or stolen. Nor would it confirm the name of the nursery involved until parents had been fully informed.

The council has however launched the obligatory information, reported the matter to the police, and let the Information Commissioner know.

It also admits that details of around 80 children could be on the stick, including names, addresses, dates of birth and telephone numbers.

Council leaders apologised today and said the data should not have been stored on a memory stick in the first place.

Sheila Lock, the council’s chief executive said: "We take the issue of data security extremely seriously.

"From initial information available to me it is clear there has been a serious and unacceptable breach of our protocols around data storage and data loss.

"In light of this incident we are taking immediate steps to remind all of our staff about the strict rules we have in place."

For once, the body concerned appears to have had a reasonably sensible security policy in place. According to guidelines released in December, 2007:

"All council-owned data should be appropriately protected from unauthorised access. The level of protection will reflect the sensitivity of the material. In practical terms, this will be provided by password protection and/or encryption.

"At minimum this will involve password protecting the medium or documents being stored. However, sensitive personal data as defined by the DPA must be encrypted, using a minimum of 128-bit encryption. Higher levels of encryption should be used where they are available."

A council spokesperson added that "encryption software was made available to staff, along with training and guidelines on how to use it."

"We buy encrypted memory sticks which meet our standards, and instructions on their use are also made available," the spokesperson added.

All well and good. The only question remaining is whether staff at the nursery involved actually followed the council's policies.

In the meantime, parents and carers will be given support and advice on changing phone numbers or, in extreme circumstances, will even be offered help changing address. ®

Bridging the IT gap between rising business demands and ageing tools

More from The Register

next story
Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
'Greenhouse effect is real, but as for the rest of it ...'
Adam Afriyie MP: Smart meters are NOT so smart
Mega-costly gas 'n' 'leccy totting-up tech not worth it - Tory MP
'Blow it up': Plods pop round for chat with Commonwealth Games tweeter
You'd better not be talking about the council's housing plans
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.