InfoLawUpdate - Treasury Solicitor’s department told to improve data protection practices
Burnetts' information law solicitor Natalie Ruane discusses why the Information Commissioner's Office (ICO) told the Treasury Solicitor's Department to improve data protection practices.
The Information Commissioner’s Office (ICO) has told the Treasury Solicitor’s Department to improve data protection practices after four breaches of the Data Protection Act were found.
Three of the breaches related to documents that incorrectly disclosed personal information of individuals to third parties in various litigation cases. In effect, the Department had sent out documents still containing personal information of third parties that should have been redacted.
In the fourth case a bundle of documents was sent to a complainant but contained separate and personal data of another individual pursuing a separate claim. The ICO has issued an undertaking that requires the Treasury Solicitor’s Department to improve its processes when redacting documents. The undertaking outlines assurances that the Department will issue staff with clear guidance to follow and a comprehensive training programme for all members of staff.
Not only is the redaction of personal details concerning third parties key in the area of disclosure in the litigation process but it is also important when a company is dealing with a ‘subject access request’ under s7 Data Protection Act 1998. Using employment as an example, an employee may make a subject access request to their employer for all personal information it holds about them. This may include emails between members of management and human resources and minutes of confidential meetings. In these documents other personal information relating to third parties may be present and therefore appropriate redaction will be required.
About the author
Natalie is a Partner and leads the Employment Law & HR team and specialises in education.
Published: Thursday 3rd April 2014
Categorised: Information Law