Landlord rapped for staff pensions email bungle
A landlord breached the Data Protection Act by sending the personal data of 200 employees to the wrong email address.
The Information Commissioner’s Office found that a staff member at Spectrum Housing Group accidentally emailed a non-secure excel spreadsheet containing employees’ data – such as pension contributions – to the wrong external email address in March this year.
The error was discovered 30 minutes later, at which point the unintended recipient was informed and the data destroyed.
Spectrum, which owns and manages 18,000 homes, contacted the ICO and an investigation was launched which found that at the time of the incident, the landlord did not have a sufficient policy in place to help prevent such incidents.
The ICO has now ordered the company to take action.
Sally Anne Poole, acting head of enforcement at the ICO, said: ‘While on this occasion the information compromised was not sensitive, the fact is that at the time of the incident Spectrum Housing Group did not have appropriate controls in place.
‘This case highlights the need for organisations to make sure that adequate checks are in place and documents suitably protected before they are sent out.’
The ICO said that Wayne Morris, group chief executive, of Spectrum Housing Group, had now signed a formal undertaking to ensure documents containing personal data are only sent by email where necessary and only contain the minimum amount of data.