News releases - 2013
GP surgery manager prosecuted for illegally accessing patients’ medical records
3 December 2013
A former manager who oversaw the finances of a GP’s practice in Maidstone has been prosecuted by the ICO after unlawfully accessing the medical records of approximately 1,940 patients registered with the surgery.
ICO warns marketing rules must be kept to during lead up to Scottish referendum
22 November 2013
The ICO has warned Scottish referendum campaign groups that they must comply with electronic marketing rules in the lead up to next year’s referendum vote on 18 September 2014.
Temporary workers still require adequate data protection training, warns ICO
21 November 2013
The Information Commissioner’s Office (ICO) is warning employers about the importance of making sure temporary staff – who regularly handle personal information - receive adequate data protection training.
Private investigators convicted of unlawfully obtaining personal information
20 November 2013
Two men who ran a company that tricked organisations into revealing personal details about customers have today been found guilty of conspiring to breach the Data Protection Act.
Hundreds of children’s details lost on unencrypted council memory stick
29 October 2013
The Information Commissioner’s Office (ICO) has served North East Lincolnshire Council with a monetary penalty of £80,000 after a serious data breach resulted in the sensitive information of hundreds of children with special educational needs being lost.
1,000 prisoners’ details emailed to inmates’ families
22 October 2013
The ICO has served the Ministry of Justice (MoJ) with a monetary penalty of £140,000 after a serious data breach led to the details of all of the prisoners serving at HMP Cardiff being emailed to three of the inmates’ families. View this news release in Welsh.
International enforcement agencies join forces to thwart caller identification spoofing
21 October 2013
Agencies from Canada, the United States, and the United Kingdom, including the ICO, have issued a statement announcing that they will combine their resources in order to to tackle unwanted, misleading and fraudulent telemarketing.
Royal Veterinary College data breach highlights importance of guidance on personal devices
15 October 2013
The ICO is warning organisations that they must make sure that their data protection policies reflect how the modern workforce are using personal devices for work.
Information Commissioner briefs Home Affairs Select Committee on PI investigation
9 October 2013
Yesterday the Information Commissioner Christopher Graham appeared before the Home Affairs Select Committee to answer questions about the ICO’s investigation into possible breaches of the Data Protection Act by clients of a group of rogue private investigators.
Pay day loans company and its director prosecuted for failing to register
8 October 2013
A pay day loans company based in London and its director have been prosecuted by the ICO today after failing to register that the business was processing personal information.
Medical records lost on bike ride home
4 October 2013
The ICO has issued Cardiff and Vale University Health Board with an undertaking following a breach of the Data Protection Act.
Information Commissioner to appear before Select Committee
4 October 2013
Christopher Graham will appear before the Home Affairs Select Committee next Tuesday to answer questions about the ICO’s investigation into prima facie evidence of breaches of the Data Protection Act by clients of a group of rogue private investigators.
Small businesses warned about importance of encryption, after London sole trader fined £5,000
26 September 2013
The ICO has warned small businesses that they must make sure they have adequate measures in place to keep customers’ details secure, after a sole trader was fined £5,000.
Barclays Bank employee prosecuted for illegally accessing customer’s account
A former Barclays Bank employee has been fined £3,360 after illegally accessing the details of a customer’s account. In one case the employee, Jennifer Addo, found out the number of children the customer had and passed the details to the customer’s then partner, who was a friend of Ms Addo.
ICO carries resolution encouraging greater co-ordination of global data protection enforcement
The ICO has won a resolution in Warsaw which is set to see improved co-ordination between global data protection and privacy authorities.
ICO appoints new non-executive members
13 September 2013
Two new non-executive members are to join the ICO’s Management Board. Ian Watmore is the former Permanent Secretary at the Cabinet Office and joins the Management Board as a member of the Audit Committee. Ailsa Beaton, who retired recently as Director of Information at the Metropolitan Police, will join the Management Board next year.
ICO responds to Michael Gove article in today's Daily Telegraph
13 September 2013
The ICO has responded to comments made by the Education Secretary, Michael Gove, in today’s edition of the Daily Telegraph suggesting that Ofsted are unable to share information with the police to protect vulnerable children in care.
ICO calls for law change to help clampdown on nuisance calls
10 September 2013
The ICO will today urge MPs to change the law if they want to see the number of cold calls cut. Simon Entwisle, the ICO’s Director of Operations, will ask the Culture, Media and Sport Select Committee to enable the ICO to issue more monetary penalties to companies behind the calls.
ICO launches investigation into rogue private investigator clients
2 September 2013
The ICO has begun an investigation into whether clients of rogue private investigators may have breached the Data Protection Act, after receiving material from the Serious Organised Crime Agency (SOCA).
Council employee publishes vulnerable children's welfare details online
30 August 2013
The ICO has served Aberdeen City Council with a monetary penalty of £100,000 after a serious data breach resulted in sensitive information relating to social services involvement with several individuals being published online. The information included details relating to the care of vulnerable children.
London council receives penalty after 2,000 residents' personal details published online
23 August 2013
The ICO has served Islington Council with a monetary penalty of £70,000 after personal details of over 2,000 residents were released online.
Probation officer prosecuted for leaking victim’s details to alleged culprit
15 August 2013
A probation officer who revealed a domestic abuse victim’s new address to the alleged perpetrator has been fined £150 following a prosecution bought by the ICO.
Students reminded of their rights ahead of results day
14 August 2013
The ICO has reminded A-level and GCSE students of their right to see details of how their exams were marked.
Home Office monitored over FOI response times
9 August 2013
The ICO has announced that the Home Office and two other public authorities are being monitored following concerns over the timeliness of their responses to freedom of information requests.
New ICO subject access code of practice
8 August 2013
The ICO has today published new guidance for organisations to help them deal with requests from individuals for their data.
Bank of Scotland receives £75K penalty after four year fax blunder
5 August 2013
The ICO has served the Bank of Scotland with a monetary penalty of £75,000 after customers’ account details were repeatedly faxed to the wrong recipients.
ICO and Ofcom draw up joint action plan to tackle nuisance calls
31 July 2013
The ICO and Ofcom today published a joint action plan to tackle the issue of nuisance calls and help protect consumers.
ICO writes to online dating companies
29 July 2013
The ICO has written to four of the biggest UK online dating companies, after questions were raised about how some dating websites are handling personal data.
Police use of ‘Ring of Steel’ is disproportionate and must be reviewed
24 July 2013
The ICO has issued an enforcement notice today ordering a police force to review its use of Automatic Number Plate Recognition cameras.
ICO fines NHS Surrey £200,000 for failing to check the destruction of old computers
12 July 2013
The ICO has issued NHS Surrey with a monetary penalty of £200,000 after more than 3,000 patient records were found on a second hand computer bought through an online auction site.
ICO continues crackdown on nuisance calls as energy company fined £45,000
8 July 2013
The ICO has served a Manchester company with a monetary penalty of £45,000 for blighting the public with unwanted marketing calls.
4 July 2013
The The ICO has given Google until 20 September to improve its policy so that people can see how their information is being used across its different products and services.
Further action for Google over Wi-Fi data collection
21 June 2013
The ICO has served Google Inc with an enforcement notice over the collection of payload data by Google’s Street View cars in the UK.
'2013 is the year that commercial imperative of good data handling will be realised’
20 June 2013
The Information Commissioner has claimed 2013 will be the year that organisations realise the commercial imperative of handling customer data properly.
TV cold-calling company fined £225,000 after thousands of nuisance calls uncovered
18 June 2013
The ICO has today issued two monetary penalties totalling £225,000 to two companies at the centre of the BBC Three programme ‘The Call Centre’. The penalties include the first penalty issued against a company linked to nuisance calls relating to PPI.
Fax blunder leads to £55,000 penalty for Staffordshire trust
13 June 2013
The The Information Commissioner’s Office (ICO) has issued a monetary penalty of £55,000 to North Staffordshire Combined Healthcare NHS Trust.
ICO welcomes debate over powers to tackle nuisance texts and calls
10 June 2013
“The ICO would welcome any improvements that make it easier for us to stop consumers receiving unwanted...
ICO responds to US law enforcement agencies' access to personal data
7 June 2013
“There are real issues about the extent to which US law enforcement agencies can access personal data of UK and other European citizens...
ICO fines Glasgow City Council £150K after repeated failure to protect people’s details
7 June 2013
The ICO has issued Glasgow City Council with a monetary penalty of £150,000 following the loss of two unencrypted laptops, one of which contained the personal information of 20,143 people.
Adoptive parents’ details mistakenly sent to birth family in council data breach
5 June 2013
The ICO has today served a monetary penalty of £70,000 to Halton Borough Council in Cheshire following a serious breach of the Data Protection Act.
Patients details left abandoned in Stockport as ICO highlights need for better decommissioning practices
3 June 2013
The ICO has imposed a monetary penalty of £100,000 after the discovery of a large number of patient records at a site formerly owned by Stockport Primary Care Trust.
Leisure centre employee prosecuted for unlawfully obtaining health information of over 2,000 people
23 May 2013
A former manager of a health service based at a council-run leisure centre in Southampton has been prosecuted by the ICO for unlawfully obtaining sensitive medical information relating to over 2,000 people.
Report highlights uncertainty on cost of EU reform
14 May 2013
An independent survey commissioned by the ICO has found a clear lack of understanding across business around the proposed EU data reforms.
ICO helps prompt fraud arrests as reports of pension spam texts triple
10 May 2013
Police have dismantled a suspected organised crime gang believed to be cold-calling and text messaging pension holders across the UK with fraudulent offers that could destroy their retirement plans.
Three authorities being monitored over FOI responses
30 April 2013
The ICO has announced that three public authorities will be monitored this quarter over concerns about the timeliness of their responses to freedom of information requests.
ICO ‘shines a light’ on private investigators as new campaign launched to punish rogues
29 April 2013
The Information Commissioner, Christopher Graham, has announced that it’s time to ‘shine a light’ on private investigators to remove any criminal elements that breach the Data Protection Act and tarnish the industry’s reputation.
GP practice in County Armagh warned after patients’ details compromised following email attack
26 April 2013
A GP practice in County Armagh is taking action to improve the way it looks after patients’ information following a breach of the Data Protection Act investigated by the ICO.
ICO praises estate agents’ commitment to data protection as rogue company boss prosecuted
8 April 2013
A targeted campaign by the ICO to get property agents to register under the Data Protection Act has seen a dramatic rise in compliance across the sector.
2 April 2013
Glasgow company fined £90,000 as ICO tackles nuisance calls
20 March 2013
The ICO has served a monetary penalty of £90,000 to a company that has blighted the public with thousands of unwanted marketing calls.
Medical receptionist prosecuted after unlawfully accessing patient’s details
12 March 2013
A former receptionist at a GP surgery in Southampton has been prosecuted by the Information Commissioner’s Office (ICO) for unlawfully obtaining sensitive medical information relating to her ex-husband’s new wife.
New survey highlights worrying lack of guidance from employers on use of personal devices
7 March 2013
A survey commissioned by the ICO has shown many employers appear to have a ‘laissez faire’ attitude to allowing staff to use their personal laptop, tablet computer or smartphone for work business, which may be placing people’s personal information at risk.
Information Commissioner lauds “interesting times” as Data Protection Officer Conference welcomes record numbers
5 March 2013
The Information Commissioner will welcome more than 800 data protection officers to Manchester today for what he will describe as a “decisive moment for the data protection sector”.
ICO urges more care with personal data as Nursing and Midwifery Council receives £150,000 penalty
15 February 2013
The Information Commissioner’s Office has urged organisations to review their policies on how personal data is handled, after the Nursing and Midwifery Council was issued a £150,000 civil monetary penalty for breaching the Data Protection Act.
Sony fined £250,000 after millions of UK gamers’ details compromised
24 January 2013
The entertainment company Sony Computer Entertainment Europe Limited has received a monetary penalty of £250,000 from the ICO following a serious breach of the Data Protection Act.