Pensioners’ confidential information breached after printing error at Waltham Forest Council
Human error is the leading cause of privacy violations. And, a mistake at Waltham Forest Council has resulted in thousands of pensioners having their confidential information breached.
This grievous error happened when a "printing error" produced P60 forms which included the confidential information of two different people. Worryingly, this mistake wasn't spotted. So, pensioners received their P60 forms with their own, correct information on the front, and a stranger's details on the back.
The confidential information breached included their national insurance details, addresses and other private information.
In total, over 3,000 incorrect statements were issued.
Why was this confidential information breached?
The mistake was flagged on Facebook by James O'Rourke. His mother-in-law received a double-sided P60. He said: "It appears Waltham Forest Council has yet again been frivolous with its residents' data.
"My mother-in-law, a former council employee, received her pension P60 this week. To her horror it had been printed upon on both sides, the reverse side being another person's P60.
"A few days later she received another P60 with an attached letter. No reassurance as to whether her data has not been so sloppily dealt with.
"This is not the first time the council has breached the Data Protection Act this year, so the Information Commissioner's Office must take immediate action and the ultimate person responsible taken to task."
Waltham Forest Council admits the breach
In a letter, Waltham Forest Council admitted the breach. The council stated: "Due to an error with our printing partners a small number of these were printed with information on the reverse relating to another customer. We sincerely apologise for this error.
"Please destroy the P60 you were sent originally immediately and securely, using a home shredder if possible.
"You can also send this to the council if you would like us to destroy this for you.
"I can assure you we are taking steps to prevent any future occurrences of this type of error in the future."
A council spokesperson has also said that: "We take protecting people's data very seriously and are very sorry for any concern caused."
What can you do if you have had your confidential information breached?
Waltham Forest Council has investigated the issue, and it has implemented new sign off procedures to prevent this from happening again. It has also sent an apology letter to everyone affected.
But this falls far short of what we would expect.
In far too many cases, when a breach occurs the accepted risk management plan seems to be to apologise and promise it won't happen again. But such a noticeable absence of care over the very real impact of a data breach should not be tolerated or accepted.
What's more, the council has also said that there is no risk of fraud because of the data breach. But there is simply no way they can know this. Every day we see what happens when the personal information of people across the UK falls into the wrong hands. And, even where cybercriminals are not initially involved, the consequences can be damaging and long-lasting.
Not just hackers
Data breaches are not just caused by cybercriminals. For more advice on how to keep your data safe, follow our #notjusthackers campaign on Twitter and Facebook.
Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses. You can make a compensation claim if you have struggled emotionally following a data breach, even if you have not experienced any financial loss.
To find out more, give us a call on 0151 363 5895 to discuss your case in more depth.