ICO to probe Essex council over data leak

Service users told their information 'has been compromised'

The Information Commissioner's Office is making enquiries into a leak of data possibly involving the details up to 400 users of services provided by Essex county council. The council said that all affected residents had been informed. It has not yet been confirmed that the leak amounts to an offence under the Data Protection Act.

A spokesman for the ICO said: "We will be making enquiries into the circumstances of the alleged breach of the Data Protection Act before deciding what action, if any, needs to be taken."

Essex council said it is conducting its own investigation into the information security of some of its users, although it did not confirm that. The council's investigation is centred on a former employee.

"Whilst the ex-employee had signed a declaration stating they had deleted the information and not shared it with anyone, it is our duty to inform service users that their information has been compromised," the council said in a statement.

"We do not believe there is malicious intent behind the incorrect use of data and the information involved is such that identity theft is minimal. However, we are asking those affected to be extra vigilant."

The council said it was unable to give specific details of the alleged breach at this stage, but the Total Essex website has reported that it occurred when "names, addresses and financial information about people in 'substantial' and 'critical' need of care were sent from the adults health and community wellbeing department to a computer outside of county hall".

This article was originally published at Government Computing.

Government Computing covers the latest news and analysis of public sector technology. For updates on public sector IT, join the Government Computing Network here.

Sponsored: 10 ways wire data helps conquer IT complexity