A spreadsheet released by the Police Service of Northern Ireland (PSNI) in response to a freedom of information request contained personal information about all 9,483 serving PSNI officers and staff. The information which was included in a “hidden” tab in the spreadsheet was published online.
The Information Commissioners Office (ICO) found that PSNI’s internal procedures and sign-off protocols for safely disclosing information were inadequate.
The information released has created a heavy impact on the lives of many. Because of the fear of threat to life, some have had to move house, cut themselves off from family members or completely alter their daily routines. Naturally, this has caused anxiety and distress not just to those affected but also their family and friends.
The ICO have fined the PSNI a provisional amount of £750,000 for the breach. However, in arriving at this amount they applied a “public sector approach.” This allows them to ensure that public money isn’t being diverted from where it is needed. Without this approach, the ICO would have set the fine at £5.6 million!
Bearing in mind these consequences, both to people’s lives and financially, this case serves as a reminder that businesses need to ensure that they have robust measures in place to protect personal information.