UK data protection watchdog the Information Commissioners Office (ICO) has criticized Edinburgh Council for failing to have an information security policy in place, following a data breach that led to the theft of 13,000 email addresses.
The ICOs newly released audit concluded that the local authority provided only a limited level of assurance that processes and procedures are in place and delivering data protection compliance.
It added that there was considerable scope for improvement to reduce the risk of non-compliance with the Data Protection Act.
To read the entire article, please click here.
Source: http://www.infosecurity-magazine.com/
