The Information Commissioner's Office (ICO) has reported that the Royal London Mutual Insurance Society lost eight laptops and the personal details of 2,135 people.
It has declared that the insurance provider breached the Data Protection Act when the laptops were stolen from the company's Edinburgh offices. Two of the laptops contained the information, and the individuals affected were employees of various firms that had sought pension scheme illustrations.
The ICO reported that the two laptops were unencrypted, but were password protected. An internal report established that the company was uncertain about the precise location of the laptops at any given time and that physical security measures were inadequate.
The report also revealed that managers were not aware that personal information was stored on any of the laptops, which meant no additional precautions to control and secure the data had been taken.
Michael Yardley, group chief executive officer of the Royal London Mutual Insurance Society, has now signed an official undertaking to ensure that portable and mobile devices including laptops are encrypted.
Mick Gorrill, head of enforcement at the ICO, said: “It is particularly concerning that the organisation was unaware of the whereabouts of the laptops at any given time or what information they held. All staff members should be fully aware of the policies and procedures in place to safeguard personal information and should be appropriately trained.”
img: www.perpturkey.com
Recent comments
14 weeks 3 days ago
14 weeks 4 days ago
14 weeks 5 days ago
14 weeks 5 days ago
14 weeks 5 days ago
14 weeks 6 days ago
18 weeks 13 hours ago
19 weeks 2 days ago
21 weeks 4 days ago
21 weeks 6 days ago