NIO found in breach of data protection
The Information Commissioners Office (ICO) has found the Northern Ireland Office (NIO) in breach of the Data Protection Act after it failed to supply an individual with information it held on him.
The Information Commissioners Office (ICO) has found the Northern Ireland Office (NIO) in breach of the Data Protection Act after it failed to supply an individual with information it held on him.
The ICO investigated the NIO following a complaint from an individual that the Authority had not responded to a subject access request. Under the Data Protection Act individuals have the right to find out what information an organisation holds on them.
The ICO has now required the NIO to sign a formal undertaking to ensure that all personal information is processed in accordance with the Data Protection Act. The NIO must also provide training to all employees who deal with subject access requests under the Act. Failure to meet the conditions of the undertaking is likely to lead to further enforcement action by the ICO and could result in prosecution by the Office.
Marie Anderson, the Assistant Commissioner for Northern Ireland, said: The Data Protection Act gives us all important rights, including the opportunity to find out what information is held on us by an organisation.
This right is one of the key principles of the Act. It is essential that organisations comply with subject access requests appropriately or they risk action from the ICO.
