Select a region
"Individual human error" has been cited as the cause of an email blunder that saw St Helier ratepayers' contact details accidentally leaked to all parishioners on 14 July.
The Office of the Information Commissioner has issued a series of recommendations to the Parish to prevent future data breaches.
Early on 14 July, the Parish sent out a copy of the Notice of Assessment for Parish Rates, which was identical to an email sent on 25 April. At 12:30, they sent another email urging recipients to ignore the previous email, with the complete mailing list. An hour later, they sent a third email to recall the second one, again showing all recipients in the CC box. A final email was sent at 14:15 to apologise "unreservedly" for the data breach.
Shortly after the blunder, the Parish contacted the Office of the Information Commissioner, although it was under no obligation to do so. They conducted an inquiry relating to the data breach and concluded it was a case of "individual human error".
Pictured: Following the data breach, the Parish sent an apology to ratepayers.
Emma Martins, Jersey’s Information Commissioner, said that a number of recommendations had been agreed with the Parish to improve controls when data is processed. She explained: "This includes a review of practices connected to all email communication with parishioners, as well as further training of staff and provision of instruction and guidance on maintaining security of individual email addresses."
She added that the Parish had taken "timely and appropriate measures" in response to the breach.
"Contact was made with this office immediately the incident came to light and we have had full co-operation since that time for which we are grateful. This incident has been recorded on our systems as a self-reported data breach and will remain on file referenced to the data processing activities of the Data Controller. It does serve to highlight the risk all organisations face when handling personal data and reinforces the importance of tight policies and procedures as well as staff training and awareness."
Comments
Comments on this story express the views of the commentator only, not Bailiwick Publishing. We are unable to guarantee the accuracy of any of those comments.