Hot Shot Lawyer Falls Foul of Data Protection Act

The Information Commissioner's Office (ICO) has ruled that Ruth Crawford QC, a leading Scottish lawyer, breached the Data Protection Act 1998 when she failed to encrypt the data stored on a laptop that was stolen from her home whilst she was on holiday. The laptop, which was never recovered, held sensitive personal data relating to a number of individuals involved in eight court cases that Ms Crawford had been working on, including details of their physical and mental health.

In one sense, Ms Crawford had a lucky escape. She was not fined for the breach, because the incident occurred before the ICO was given powers to impose financial penalties. However, she has signed undertakings to encrypt all portable and mobile devices containing client data and to lock away personal information stored at her home.
This case is a sharp reminder of how careful you need to be when it comes to data protection issues. The ICO now has power to impose financial penalties for breaches of the Data Protection Act up to £500,000.

Click here to read the ICO's guidance on storing personal information electronically:

If you would like to know more, please contact Nick Crook or David Dees.

Filed: 24/11/2011 08:27:20