Fine for Heathrow Airport for Serious Data Protection Failings
Published on: 8th October 2018
By PYXI GDPR Team
"On 16 October 2017 a member of the public found a USB memory stick, which had been lost by a HAL employee. The stick, which contained 76 folders and over 1,000 files was not encrypted or password protected. The member of the public viewed the material it contained at a local library.
Although the amount of personal and sensitive personal data held on the stick comprised a small amount of the total files, of particular concern was a training video which exposed ten individuals’ details including names, dates of birth, passport numbers, and the details of up to 50 HAL aviation security personnel."
The use of unsecured memory sticks or flash drives can be significant data security risk where personal data is transfered or stored on them. Clear education and technical protections need to be in place in all organisations to ensure that such devices are fully protected when they're used in this way.
PYXI GDPR Team: 8th Oct 2018 09:37:00
Subscribe to our
Weekly GDPR Newsletter.
It's full of really useful updates
for UK small businesses.
ICO Q2 Data Security Incident Trends
The ICO's figures for Q2 show that the most frequently reported data security incident relates to disclosure of data. The ICO's website has published information about Q2 2018-19's data security incidents by type and sector, and the single mo... click to read more