The Information Commissioner’s Office (ICO) has slapped Plymouth City Council with a £60,000 fine after details of a child neglect case were sent to the wrong person.
According to the ICO’s investigation, a social worker at the council sent a document containing sensitive information to a printer on a different floor. Another social worker at the council picked up three pages of the report when collecting another document from the same printer.
The pages were then sent to another family, unconnected to the child neglect case.
The report contained highly sensitive information about two adults and their four children, the ICO said.
The family that mistakenly received the three pages telephoned the council to report the error. The ICO said the document was revered within two hours. However the investigation also revealed that the family who received the report contacted the family at the centre of the child neglect case via a social network.
An independent audit found the system in place at the council, "did not incorporate an adequate level of checks in order to ensure the documents were being sent to the correct recipient." The report said there was a high risk of a similar incident happening again if changes were not made.
As a result of this the council has implemented a new system whereby all staff from the Children’s Services department are required to enter a user ID before printing documents. Any document not printed after 12 hours is deleted from the queue.
Content from our partners
"It would be too easy to consider this a simple human error. The reality is that this incident happened because not enough care was being taken within the organisation when handling vulnerable people’s sensitive information," said Stephen Eckersley, Head of Enforcement at the ICO.
"The distress this incident will have caused the people involved is obvious, and the penalty we have issued today reflects that," he added.
