FOSTERING FILES LEFT IN STREET
CONFIDENTIAL information held by social services about children in care has been found on a pavement by a passer-by.
Dozens of sensitive Stoke-on-Trent City Council documents were discovered on a memory stick left in Potteries Way, Hanley, yesterday.
The social services records of foster carers, family court proceedings, parenting assessments, child custody arrangements and the psychological history of youngsters were all included in the files.
The stick was found by IT consultant Gary Fox and reported to The Sentinel before one of our reporters handed it to the council. Now officials have launched an urgent investigation into how the security breach happened.
It is not known whether the social worker had permission to take the memory stick away from the council's offices, or when it went missing.
But the information on the memory stick was not encrypted, which is against the council's own policy.
A council spokesman said: "The safety of children in our care is our priority. We have procedures for ensuring that confidential and sensitive data is kept as secure as possible.
"We will conduct a thorough investigation to determine the circumstances in which the data was lost.
"We thank The Sentinel for returning the data, as situations such as this require immediate attention. The device has been put in a safe place."
Mr Fox, who works in Hanley and lives in Stafford, had picked up the memory stick, which was covered in mud, because a blank one is worth about £10 in a shop.
The 53-year-old said: "I put the memory stick in a computer and realised there were about 40 documents on it.
"I was shocked by the vast amount of confidential information and the fact it wasn't even password protected.
"Public bodies gather information on everyone, but it seems can't be trusted to keep it safe.
"I handed the memory stick to The Sentinel, because people should be aware of how public bodies look after confidential information."
The council will report the breach to the Information Commissioner's Office (ICO), responsible for regulating the use of personal information.
An ICO spokesman said: "We may serve an enforcement notice if an organisation has failed to comply with any of the data protection principles.
"We have statutory power to impose a financial penalty if there has been a serious breach of data protection."
The security breach has shocked foster carers who rely on such confidential information being kept secure.
Carer Phyllis Hulme, aged 62, of Meir, said: "Everything to do with foster care is meant to be highly confidential.
"We are always told not to mention children's names in meetings or discuss information with anyone. Somebody has slipped up badly here."
Individual councils are responsible for creating their own data protection policies.
20 Comments
View all
by Me, SoT
Monday, March 29 2010, 8:28PM
“But surely you are giving consent by not requesting to be taken off. Most people carry a purse or wallet that contains some form of ID be it a bank card (or two) or a driving licence.
Can anyone tell me, is this database not already available on a more local level, say within Stoke on Trent or Staffordshire?”
by Rustinho, Silverdale
Monday, March 29 2010, 6:01PM
“If you are not in a state to answer questions you are neither in a state to consent to them accessing your details or confirming your identity!
The system is a huge waste of money and completely unnecessary.
People with high risk conditions (diabetes, etc) usually carry means of identifying these conditions thus negating that need for the database.”
by Paul, Stoke
Monday, March 29 2010, 5:34PM
“Hi working of Stoke so you must know that the police already have access if they believe it's in the public interest. Do anti terror laws and school catchment area's not indicate what can be abused. Wake up they are all interconnected to id cards ,tax records, passports cctv vehicle tracking ( that the tall camera's on juctions which we think are for spying on criminals when all they do are record car number plate movement).”
by Me, SoT
Monday, March 29 2010, 5:30PM
“I don't disagree with what you say Rustinho but what if you are not in a state to answer questions - thats where I see it as being beneficial. Accidents do happen unfortunately. Lets face it, we are all on numerous databases around the country be it for banking, mobile phones, salary, VAT, PAYE, benefits....the list is endless. All are open to problems.”
by Rustinho, Silverdale
Monday, March 29 2010, 4:10PM
“Some people seem to be incredibly naive about the health records database.
What if there are matters on your health records that lead to a wrong diagnosis?
ie, doctor sees records and decides that either the patient is a hypochondriac or has a pre-existing condition with the same symptoms and sends the patient home without properly investigating and the patient suffers (at worst dies) because of this?
What if a patient has a history of a condition (eg mental health) that changes how a health practitioner treats you?
Do people not think exactly the same abuses are likely in the health service that have historically happened with the police? (ie database users checking up on people unofficially)
I see there as being very little to gain from sharing health records (I can always be asked questions if someone wants to know something) and significant loss of privacy, as well as unnecessary costs borne by the taxpayer which could be better spent on providing healthcare!
Realistically, there should be no reason why these files should have been on a memory stick in the first place. Secure remote access for those council employees who require it makes far greater sense because that would mean that there is only one set of shared records that are kept up to date that everyone works from.
Mistakes happen, which is why personal data must be kept secure and only provided to people who REALLY need to know.”