28.11.16
Borough council probed in potential mass data breach
A Nottinghamshire borough council has been investigated by police after it was potentially the site of a mass breach of data protection laws.
Police were notified in September after a confidential email sent to Broxtowe Borough Council which made allegations about a member of staff’s conduct was sent to all 730 staff. Police confirmed that while they could identify no offences in the matters raised in the email, the act of sending the email itself may breach the Data Protection Act.
The council has confirmed that an internal investigation had looked into the allegations, but it declined to say whether anyone had been disciplined.
A spokesperson for Nottinghamshire Police said: “Upon reviewing the case officers identified that no offences are thought to have been committed. It was agreed with the council that the most appropriate course of action would be an internal investigation.
“Nottinghamshire Police are assisting by way of investigating the source of the email; the results are not yet known but could be protected by whistleblowing legislation.”
The email in question, sent by a senior manager, contained a letter which called for ‘independent investigations’ into financial and personal matters concerning the council.
The letter, dated in December of last year, was marked ‘confidential’ and addressed to the borough council’s chief executive Ruth Hyde.
A spokesman for Broxtowe Borough Council said: “A data breach did occur and has been fully investigated.
“The breach and the subsequent investigation detailing how the council managed the situation has been reported to the Information Commissioner's Office and the police.”
The council added that they had heard from the Information Commissioner that the body does not intend to take any action regarding the email.
Have you got a story to tell? Would you like to become a PSE columnist? If so, click here.