Sending emails to the wrong recipient(s) is the most common data protection breach. These incidents can have a significant impact on individuals and the Council.
If there is an accumulation of these incidents it can show a failing in processes which can be reportable to the Information Commissioner’s Office (ICO) who are the regulatory body for data protection in the UK. The ICO can then sanction the Council with large fines and/or impose mandatory audits.
As previously communicated, you must STOP and THINK before you SEND emails to ensure you are doing the following:
- Checking ALL recipients are correct (being mindful of addresses pre-populating, employees with similar names and external addresses are typed correctly)
- You have CLASSIFIED your email before sending (PUBLIC, OFFICIAL or OFFICIAL-PROTECT depending on the sensitivity of the information)
- Checked all recipients you are sending the email have a genuine need to know and receive the information you are sending them
Thank you for taking the time to read this notification.
Should you require any data protection advice, please contact dataprotectionofficer@north-ayrshire.gov.uk
