ICO fined Hampshire County Council with 100,000 GBP

The ICO fined Hampshire County Council with 100,000 GBP due to a data breach.

The fine was the result of missing measures protecting personal information against unauthorized access: Documents containing personal information of more than 100 data subjects were stored in an abandoned building. Furthermore, 45 bags of confidential waste were also found.

Hampshire County Council released a statement saying that “We are very sorry that this incident occurred. Hampshire County Council takes the management and protection of its data very seriously. Accordingly, appropriate procedures were in place at the time, but unfortunately, on this occasion, the process was not fully adhered to. However, at no time was any information disclosed outside of the site”.

Furthermore the statemet points out that “Immediate steps were taken to investigate the matter fully, and remedial action was taken. This has included strengthened and improved processes in the removal of, and destruction of, confidential waste from vacated buildings.”

The statement highlights that Hampshire County Council reported the incident to the ICO as soon as they became aware of it and that they have cooperated fully at all stages of the ICO’s investigation.