Data protection
University in trouble after data release
The Information Commissioner’s Office (ICO) has taken regulatory action against the University of Manchester following a breach of the Data Protection Act. The personal records of over 1,700 students, including information on some students’ disabilities, were published when a member of the university staff had unauthorised access to the information. The staff member emailed the information as an attachment to 469 other students.
The ICO promotes public access to official information and protects personal information. In line with these powers it has ordered a number of organisations to sign undertakings following breaches of the Data Protection Act. In the light of the incident involving the University of Manchester the ICO has insisted the University sign such an undertaking, outlining that it will process personal information in line with the Data Protection Act. The university will ensure all its staff have adequate training to prevent the inappropriate transfer of information and take all reasonable measures to safeguard personal data from accidental loss or destruction.
(Published by UK Legal News - May 5, 2009)