ICO has issued a 50-day deadline to Wolverhampton to complete staff training in the area after it described the Council’s inability to do so previously as “startling.”
The 50 days started on 15th May 2014 – if the training is not completed within this time, it will be treated as contempt of court.
The organisation claims that the local authority did not implement a policy of mandatory training until May 2013 and missed its own deadline of February this year for completing training.
It reported that only 32% of Wolverhampton staff had completed the data protection training module by the 18th February.
ICO initially imposed the training on the authority in December 2011 after it revealed problems during a policy audit.
Shortly after this, sensitive information was disclosed by a social worker to a sibling in error, highlighting the organisation’s concerns.
“Over two years ago, we reviewed the Council’s practices and highlighted the need for guidance and mandatory training to help its staff keep residents’ information secure,” claimed Stephen Eckersley, ICO head of enforcement.
“Despite numerous warnings, the Council has failed to act, with over two thirds of its staff still remaining untrained. We have taken positive steps and acted before this situation is allowed to continue any longer and more people’s personal information is lost,” he added.