We have a responsibility to ensure that person-identifiable information is held securely and that confidentiality is respected and safeguarded.
Information security is characterised as the preservation of:
- confidentiality - ensuring that information is available only to those who have the authorisation to have access
- integrity - safeguarding the accuracy and completeness of information and processing methods
- availability - ensuring that authorised users have access to information and associated assets when required
It's important that all staff take responsibility for the information we deal with on a daily basis. If you lose or misuse data there can be serious consequences - even if it's accidental.
Breaching the Data protection Act can lead to huge fines for local authorities, up to £500,000 in some cases.
We have a reporting process that staff should use if they discover an information breach.
Some examples of security breaches are:
- someone's personal data left on a shared printer, desk or public area
- someone's personal data is lost, for example, from a stolen laptop, memory stick or briefcase
- someone's personal data is sent to the wrong recipient via post, email or fax
- someone's personal data is inadequately disposed of after it is no longer required