05.02.14
ICO publishes ‘wake-up call’ for fostering agencies
There are common problems with providing adequate data protection for sensitive information held by fostering and adoption agencies, the Information Commissioner’s Office (ICO) has found.
A new report details the findings from 10 advisory visits with independent agencies in England, highlighting problems with insecure transfers between agencies and local authorities, and between carers and agencies.
There was a “general lack” of appropriate staff training, insufficient guidance for carers, and a failure to encrypt sensitive personal information on mobiles, memory sticks and laptops.
But most agencies had adequate system controls in place to allow access only to staff who need to see certain information. The ICO is now working to help adoption and fostering agencies and organisations to address the issues raised in the report, and to help provide appropriate data protection guidance.
John-Pierre Lamb, ICO group manager in the Good Practice team, said: “The work fostering and adoption agencies carry out is vital to helping some of the most vulnerable young people in society. Keeping their sensitive personal information secure must be recognised as an important part of this process and agencies must have the necessary safeguards in place to keep this information safe whether it’s in the office, at home or on the road.
“The worst breaches of the Data Protection Act can lead to a monetary penalty of up to £500,000, but when you consider the sensitivity of the information this sector is responsible for, the human cost could be far more significant.
“Agencies and the councils they work with should see this report as a wake-up call and take action before it’s too late.”
Harvey Gallagher, chief executive of the Nationwide Association of Fostering Providers (NAFP) said: “NAFP welcomes this report – there's clearly much more we could be doing to ensure that information about children and carers is handled securely. As providers of services, it is our responsibility to ensure this happens and we should make every effort to get this right.
“The ICO found some good practice with regard to the internal controls put in place by agencies. But the significant challenge is at the interface between local authorities and independent providers where local services are under significant pressure.
“We could do much more to streamline some of the unnecessarily complicated information gathering that makes the task of handling that information so much more difficult. NAFP looks forward to working with ICO over the coming months to raise the standard of information handling in fostering to ensure we are the best we can be.”
Jacqui Lawrence, fostering development consultant at the British Association for Adoption and Fostering (BAAF) said: “BAAF welcomes this report in highlighting some of the complexities around processing personal data. Local authorities and independent fostering and adoption agencies need to work together to ensure good practice is implemented.
“In a world of changing technology and an increased need to share and process sensitive personal information, agencies need to be constantly aware of their roles and responsibilities as data controllers.”
Helen Keaney, practice support team manager at the Fostering Network, said: “We're pleased to welcome ICO's report, which highlights really important learning for independent fostering providers and local authorities.
“We shall be working with the ICO and other stakeholders to ensure that the issues raised in the report are understood and addressed, in particular developing appropriate data protection guidance for the sector.”
Tell us what you think – have your say below, or email us directly at [email protected]