Greater Manchester Police has been fined £120,000 by the Information Commissioner’s Office (ICO) for failing to take appropriate measures against the loss of personal data.
An investigation into the force’s data protection practices was launched after a memory stick containing personal details about thousands of people linked to police operations was stolen from an officer’s home in July 2011. Despite the sensitive nature of the data, the device had no password protection.
The ICO discovered that a number of officers across Greater Manchester Police force regularly used unencrypted memory sticks. The USB devices may also have been used to copy data from police computers for officers to access away from the department.
This is despite a similar security breach in September 2010. As a result, the ICO concluded Manchester Police had failed to put restrictions on downloading information and that staff were not sufficiently trained in proper data protection — via redwolf.newsvine.com