+44 207 488 9947
The Information Commissioner’s Office (“ICO”) has found that Bay House School in Hampshire breached the Data Protection Act 1998.
The school’s website was hacked by a student after a member of staff used the same password to access both the website and the data management system. The school had advised against using duplicate passwords, but this was not checked.
As a result of the hacking, details of pupils, their parents and teachers were exposed. Examples of data stored on the data management system included names, addresses, photographs and sensitive information relating to medical history.
According to the ICO’s website, the school has agreed to sign an undertaking to ensure that all reasonable measures are taken to encrypt and separate sensitive and confidential information held on the school’s management system. The school will ensure that all of their staff understands the school’s guidance on the use of passwords. The school’s website will also be regularly tested to ensure that the personal information they hold remains secure.
How can we help?
RT Coopers are specialists in data protection and regularly advise individuals and organisations in this regard. We provide tailored advice to clients in a variety of sectors including, but not limited to:-
We also provide specific advice to organisations on the following:-
o Confidentiality
o Copyright
Visit http://www.rtcoopers.com/practice_dataprotection.php
© RT COOPERS, 2011. This Briefing Note does not provide a comprehensive or complete statement of the law relating to the issues discussed nor does it constitute legal advice. It is intended only to highlight general issues. Specialist legal advice should always be sought in relation to particular circumstances