Thursday 03 December 2020
Select a region

Planning escapes fine for publishing details about vulnerable child

Planning escapes fine for publishing details about vulnerable child

Monday 19 October 2020

Planning escapes fine for publishing details about vulnerable child


Jersey's Planning department has escaped a fine for twice breaking the data protection law by sharing sensitive health information online about a vulnerable child, because it is a government body.

The Jersey Data Protection Authority has issued its first ‘Public Statement’ against a government department - or ‘Public Authority’, as they are officially called in this context.

An investigation by the JDPA concluded that Planning and Building Services had failed to adequately redact personal data, which resulted in the information about the child being published on the online registry of planning applications.

JDPA Chair Jacob Kohnstamm said: "The JDPA has determined that, on balance, the circumstances of this case were grave enough to warrant a public statement, and had the JDPA not been prevented by law from imposing a fine due to the Controller being a Public Authority, the JDPA would have considered a fine in these circumstances."

Jacob_Kohnstamm.jpg

Pictured: JDPA Chair Jacob Kohnstamm.

Deputy Information Commissioner Paul Vane added: "All data controllers and processors have significant obligations in law to be accountable and provide appropriate security for the personal data they are entrusted with.

"This is particularly important when the organisation concerned is a Public Authority, as building the trust and confidence of the Jersey public in Government data handling activities is paramount."

The JDPA said that it considered the department’s cooperation and early recognition of the problem as mitigating factors, along with its prompt updating of systems and processes and training updates for staff. 

However, it added that it had also taken into account the department’s lack of appreciation of the significance of some of the problems arising from the processing of personal data, which had led to the investigation, and which “had tended to minimise the significant effect the processing had on a vulnerable minor."

It said that while the department had cooperated with the authority and removed the data relating to the first breach at the JDPA’s request, the information was then uploaded to the department’s online public registry again on two further occasions while still containing insufficient redaction.

Jersey’s Data Protection Law, which came into force in 2018, prohibits the JDPA from fining publicly funded organisations, which means that an official statement is the highest sanction it can award in this instance.

Sign up to newsletter

 

Comments

Comments on this story express the views of the commentator only, not Bailiwick Publishing. We are unable to guarantee the accuracy of any of those comments.

Once your comment has been submitted, it won’t appear immediately. There is no need to submit it more than once. Comments are published at the discretion of Bailiwick Publishing, and will include your username.

Posted by Scott Mills on
That's alright then, so if you are dealing with any government bodies afar or within, it doesn't matter. We should move this island to central/south america....would fit in nicely there. It would definitely be worth writing the journey down on some paradise paper....perhaps in panama.
Posted by Andre Gorvel on
Government has a duty to lead by example. In this case and others, there are fundamental controls that are being ignored or are simply not in place! I agree with the JOIC here, financial penalties are perhaps inappropriate, fines work best when there is clear ownership of the money! I think I would prefer something more personal let’s get the Ministers and heads of the departments to apologise personally and in public for each and every breach, and detail how they will prevent their departments from doing this again.
Posted by Steven Simon on
Of course they did. It would seem that the SOJ are untouchable & above the law?
Posted by nigel pearce on
A fine on the Planning Department would only result in moving money to another States' Dept. so would achieve nothing.
To place a comment please login

You have landed on the Bailiwick Express website, however it appears you are based in . Would you like to stay on the site, or visit the site?