DPC logo

Data protection audit and avice

Homepage About us Your risk Our services News Contact us Call Data Protection Consultancy
The latest news on Data Protection Act breaches, data security risks, forthcoming legislation and requirements:


How we can help

Your organisation could benefit from our expertise in the following broad areas:

  • Audits, health-checks & risk analysis
  • Compliance support
  • Policy-checking & authoring
  • Advice & support
  • Development & training.

Of course, there are other benefits, too:

  • You can breathe a big sigh of relief
  • You may not need to employ your own people to look after data protection
  • There are genuine business benefits in getting your data protection right.

Compulsory audits are on the cards

13 October 2011—The ICO has said powers are needed to conduct compulsory data protection audits in local government, the health service and the private sector, because the ICO is being blocked from auditing organisations in sectors which are causing concern over their handling of personal information. At present, only central government departments are subject to compulsory data protection audits. Read full story…

Education organisations lose laptops containing unencrypted data

5 October 2011—Two education-related institutions were found to have breached the Data Protection Act by failing to encrypt personal information on laptops which were later stolen. In May, a laptop containing sensitive personal data was stolen from the home of an employee of the Association of School and College Leaders. While the laptop had encryption software, it was left to the employee to decide whether or not to encrypt individual documents. This laptop included unencrypted personal information on around 100 individuals—including details of their union membership and, in some cases, details of their physical or mental health. A similar incident saw a laptop belonging to Holly Park School in Barnet stolen from an unlocked office. It contained details of pupils’ names, addresses, exam marks and some information about their health. The school had no data protection policy in place at the time of the theft. Read full story…

School risks sensitive data on 20,000 individuals

8 August 2011—Bay House School in Hampshire breached the Data Protection Act after the personal details of nearly 20,000 individuals, including 7,600 pupils, were put at risk during a website hacking attack by a pupil. It exposed pupils’ names, addresses, photographs and some sensitive information relating to medical histories. Personal information relating to the parents and teachers was also compromised. 

One year to comply with new cookies law

25 May 2011—Organisations with websites aimed at UK consumers have up to 12 months to ‘get their house in order’ before enforcement of the new EU cookies law begins. The government has revised the Privacy and Electronic Communications Regulations, which come into force in the UK on 26 May, to address new EU requirements. The Regulations make clear that UK businesses and organisations running websites in the UK need to get consent from visitors to their websites in order to store cookies on users’ computers. Read full story...

Oldham school's laptop theft highlights breach of Data Protection Act

21 April 2011—Freehold Community School in Oldham was found in breach of the Data Protection Act after the theft of an unencrypted laptop from a teacher’s car. The laptop contained personal information relating to 90 pupils at the school. The ICO’s enquiries found that the school was unaware of the need to encrypt portable and mobile storage devices, although it did have a policy in place informing staff that storage devices should not be kept in cars when away from the school premises. Read full story...


© Data Protection Consultancy Ltd, 29 Shadwell Lane, Leeds LS17 6DP