An independent commission has reprimanded Thames Valley Police after a witness’ address was released into the public domain.
Today (2 June), the Information Commissioner’s Office (ICO) states that this information made its way into the hands of suspected criminals.
As a result a witness had to move house, the ICO believes the individual remains at risk.
Thames Valley Police has since apologised for the error and states it will take on recommendations made by the independent body.
A spokesman for the ICO said: “[Thames Valley Police] did not have appropriate steps, such as training, in place to ensure officers were aware of guidance around disclosure and redaction. This is a breach of data protection law.”
Following this incident the ICO expects the police force to provide further training to all staff responsible for redactions and disclosures.
Update its policy and processes, plus make these available to staff as soon as possible. Also, the ICO says the police force must continue to review its policies and guidances, when it comes to handling data.
Natasha Longson, ICO head of investigations, said: “Sensitive personal information relating to crimes needs to be handled with great care. This case shows the impact on vulnerable people if that’s not done.
“Our enforcement action in this case should act as a warning to other organisations that they must take sensible steps to protect people’s personal details.”
A spokesman for Thames Valley Police said: “Our officers and staff are trained on redacting material but there was some particular contextual information that was missed in this case, for which we apologise unreservedly to the person involved.
“We take our responsibility to safeguard the public’s data extremely seriously and have taken action based on the recommendations made, particularly in regard to training and awareness of policies and guidance.”
What is the Information Commissioner’s Office
The ICO is a non-departmental public body which reports directly to the Parliament of the United Kingdom and is sponsored by the Department for Digital, Culture, Media and Sport (DCMS). It is the independent regulatory office national data protection authority.
