Breach of DPA

Bookmark and Share
20 January 2008

The ICO has found Skipton Financial Services Limited (SFS) in breach of the Data Protection Act following the theft of an unencrypted laptop containing the personal information of 14,000 SFS customers from a company providing software consultancy services to SFS. 

The  Act requires appropriate measures to be taken to prevent accidental loss or destruction of personal data. SFS has signed an undertaking that it will fully encrypt personal data held on laptops by SFS or its contractors. It will also carry out risk assessments before engaging third parties to process data on its behalf. This is more specific on the processing of data by third parties than the enforcement notice issued to Marks & Spencer for a similar breach.

Search news archive