Police in breach of the Data Protection Act

by David Neal

The Information Commissioner’s Office (ICO) has found Kent Police in breach of the Data Protection Act.

This is the second time in as many weeks that the ICO has set its enforcers on the police. The Independent Police Complaints Commission (IPCC) was hit with an enforcement notice last week after failing to respond to 69 Freedom of Information requests on time.

ICO deputy commissioner Graham Smith said that the IPCC notice should to serve as a “strong signal to all public authorities that failure to respond [to Freedom of Information requests] is unacceptable”.

Now, a week later, Kent Police has been found wanting in its transportation and storage of personal information.

A notice on the ICO web site said that it had taken action after documents were stolen from the boot of a police officer’s car, which was parked at a residential address. The information was discarded and eventually handed in at the police station by a member of the public.

Further enquiries found that the officer had not used a secure briefcase to transport papers, and had not been given a “secure storage facility” to use at home.

“It is essential that police forces ensure that correct safeguards are in place when storing and transferring personal information, especially when it concerns highly confidential information,” said Sally-Anne Poole, enforcement group manager at the ICO.

“A lack of awareness of data protection requirements can lead to personal information falling into the wrong hands.”