Select a region
The Constables of St Peter Port have been officially reprimanded by the Office of the Data Protection Authority (ODPA) after special category data was shared via email.
The Data Protection (Bailiwick of Guernsey) Law protects the rights of individuals in relation to their personal data and how it is held and processed.
The ODPA received a complaint from a member of the public after an email was shared by the Constables of St Peter Port to parties outside the Douzaine. The complainant was unaware that this would be possible and said they suffered as a result.
The email included special category data, which reveals an individual’s “racial or ethnic origin, political opinion, religious or philosophical belief, trade union membership, genetic data, biometric data, health data, data concerning an individual’s sex life or orientation, criminal data”. It hasn’t been revealed which specific data was shared.
The ODPA said it was clear during the first part of the investigation that the Constables were unaware of the relevant parts of data law. The ODPA also found that the Constables could not identify an appropriate condition for disclosing special category data.
The ODPA said: “These findings led the Authority to determine that the Controller had failed to comply with section 7 relating to “lawfulness of processing”, section 8 relating to “fairness of processing”, section 12 relating to “right to information for personal data collected from data subject” and section 31 relating to “duty to take reasonable steps for compliance”.”
The Constables of St Peter Port were formally reprimanded and given an enforcement order, forcing them to meet compliance regulations within a set period of time.
“There is necessarily a greater responsibility for those working in all areas of the public sector to ensure they handle people’s private information appropriately,” said the Bailiwick’s Data Protection Commissioner, Emma Martins.
Pictured: Ms Martins.
“Citizens rarely have a choice but to provide their data and breaches can have a very real impact on trust and confidence,” said Ms Martins.
“It is important for the Complainant, who suffered as a result of this breach, and the wider population that the Controller recognises where mistakes have been made and takes the necessary steps to prevent any reoccurrence.
“I am pleased that the Controller has now publicly committed to taking data protection seriously and to making the necessary improvements required by our order.”
BWCI Pension Trustees Ltd reprimanded for breaching data law
Comments
Comments on this story express the views of the commentator only, not Bailiwick Publishing. We are unable to guarantee the accuracy of any of those comments.