This is an HTML version of an attachment to the Freedom of Information request 'At least two actual breaches of Data Protection by Hertfordshire County Council - how did they happen?'.
 
 
 
 
Mr. J. Edwards
By email only

Information Governance Unit
Hertfordshire County Council
CHO150, Room C1, County Hall
Pegs Lane, Hertford
Hertfordshire
SG13 8DQ

Telephone: 01992 555848
Email: [email address]
Date: 8th July 2010
 
Dear Mr Edwards, 
 
Reference number: FOI/RAP/06/10/2182 
 
On 10 June 2010, we received the following request for information from you: 
 
On 1st June 2010 Hertfordshire County Council wrote to tell me that, in 
responding to an information request from a member of the public (i.e. not 
me) concerning Grove Road, Hemel Hempstead, and through a "human 
error", they had "ineffectively redacted" the data and as a consequence my 
personal data (my name, e-mail address and mobile phone number). I believe 
that the unredacted information was sent in mid May 2010. 
 
Also on 1st June 2010, Hertfordshire County Council wrote to 
Whatdotheyknow to tell them that they had "ineffectively redacted" their 
response to my query on this site (Please send me the results of your 
investigation into the continued obstruction of Grove Road), presumably as 
the result of the same "human error". As a consequence the entire report can 
now be seen on the Whatdotheyknow site under the above query, together 
with the redacted version. Viewing the redacted and unredacted versions on 
this site, there has been a major breach of confidentiality. The response was 
delivered on 4th May 2010. 
 
The same "human error" has occurred at least twice, with some 14 days 
between a first and second occurrence. This being so, it is reasonable to 
assume that this is a generic problem which has affected a number of 
responses. 
 
My request is therefore that HCC provide full, chronological, details of what 
went wrong both in general and for the two particular instances noted above 
(such as what happened, how it happened, how it was discovered, how many 
cases have occurred (and how many people have had to be notified), over 
how long a period, what has been done to ensure it does not happen again 
and so on). 


Your request for information has been considered under the Freedom of Information Act 
2000. I can confirm that Hertfordshire County Council does hold the information you have 
requested and can respond as follows: 
 
The County Council’s Information Access Team regularly releases electronic 
documents in response to requests for information which fall under the Freedom of 
Information Act 2000 and Environmental Information Regulations 2004. Where 
documents contain information which is exempt from disclosure (e.g. personal 
information), the team uses software to redact (remove) this information from 
electronic documents before disclosing them. 
 
Unfortunately, our electronic redaction process has not worked correctly on some 
documents released under FOI / EIR. Text has been physically obscured by 
blackout markings, but the underlying text has not been excised from the 
documents, and can be retrieved / viewed. This was brought to our attention by a 
recipient of information who reported that they had received un-redacted files. 
 
The documents containing personal data were released in response to two 
separate requests for information. Request One asked for a copy of the results of 
the County Council’s investigation into the obstruction of Grove Road, Hemel 
Hempstead. This report was disclosed to a whatdotheyknow.com email address, 
and was subsequently made available via that website.  
 
Request Two asked for information and correspondence held by the County 
Council regarding Grove Road, Hemel Hempstead. The requestor asked for all 
information from 1970 to date. Only recent correspondence was held, and was 
released in response to the request. 
 
The County Council was alerted to the redaction error by the recipient of our 
response to Request Two. The redaction process used on the documents 
disclosed in response to this request was examined, and it was discovered that the 
process had not been correctly applied. Steps were taken immediately to ensure 
that any redaction undertaken from this point forward was permanent. 
 
An investigation was initiated to establish what had happened, how it had 
happened, the breadth of the problem and the action required in light of the data 
security breach. 
 
We determined that the redaction failure was the result of human, rather than 
software error (i.e. the way the software had been used, rather than the software 
being unfit for purpose). The member of staff concerned had been proof checking 
their redactions, but not to the extent of trying to circumvent the redactions by 
viewing documents in other formats (or with different software). 
 
We have made sure that the entire team understands how the error occurred, the 
severity of the situation, and what process to follow to ensure that this redaction 
error cannot occur again. 

The incorrect redaction process had been used since November 2009. However, 
because of unit staff changes, Information Governance Unit staff tested the 
redactions applied to all responses sent from July 2009 onwards (covering 734 
requests for information). Only one other response was found to contain personal 
data which should have been permanently redacted, but which could still be 
accessed. This was the response sent to Request One.
 
This checking exercise did reveal that redaction failed, in some instances, where 
we had sought to withhold details relating to individuals acting in their professional 
capacity. Our view is that redaction should be kept to a minimum, and that 
information which specifically relates to professional activity should be disclosed 
where possible. We are reviewing the application of redaction in light of this. 
 
The six parties directly affected by the data security breach were informed. We 
apologised for the breach and explained: 
 
•  How the error occurred. 
 
•  What action we were taking. 
 
•  Their right to complain to the Information Commissioner’s Office. 
 
With regard to the incorrectly redacted documents provided to 
whatdotheyknow.com, we have asked them to remove this version of the report 
from their website, and have provided them with a properly redacted document. 
They have declined to remove the original version, citing the public interest in the 
information being made available and the public interest in their maintaining a 
“repository of FOI requests, responses and correspondence in as complete and 
uncensored a manner as is possible within the law”. 
 
We have written to the Information Commissioner’s Office (ICO) to report our 
failure to adequately protect personal data, and to seek their advice regarding the 
stance being taken by whatdotheyknow.com. We have advised 
whatdotheyknow.com that we are seeking advice from the ICO. 
 
In terms of ongoing and future action: 
 
•  We are exploring new redaction software to see if it eliminates the process 
which gave rise to the human error. 
 
•  We are developing clear guidelines on the appropriate use of redaction in 
the preparation of responses to requests for information. 
 
•  We are revising our breach notification process so that all identified parties 
are notified at the same stage, in the event of any future data security 
breaches. 
 
•  We will co-operate fully with any investigation undertaken by, or course of 
action prescribed by, the ICO. 
 

Summary chronology of key events: 
 
Date              Event
4 May 2010        Response to Request One sent by the Information Access Team
19 May 2010       Response to Request Two sent by the Information Access Team
26 May 2010       County Council informed of the redaction error by recipient of Request One.
27 / 28 May 2010  Redaction in responses to requests for information sent from July 2009 onwards checked.
28 May 2010       Whatdotheyknow.com alerted to the breach by the Information Access Team
1 June 2010       Five of the data subjects affected by the breach informed by the Information Access Team
7 June 2010       Sixth data subject affected by the breach informed by the Information Access Team
17 June 2010      ICO advised of the data security breach by the Information Access Team
 
If you have any further questions about this data security breach, or if you want any more 
information about the action we have taken, please do not hesitate to contact me, quoting 
reference number FOI/RAP/06/10/2182.
 
If you are unhappy with the way the County Council has handled your request for 
information, you may complain through the County Council's complaints procedure which 
is available at www.hertsdirect.org/complaints.
 
If you are unhappy with the outcome of the complaints procedure you are entitled to ask 
the Information Commissioner to investigate your complaint. You should write to: 
 
FOI / EIR Complaints Resolution 
Information Commissioner's Office 
Wycliffe House 
Water Lane 
Wilmslow 
Cheshire SK9 5AF 

 
Yours sincerely, 
 
 
 
 
 
Elaine Dunnicliffe 
Senior Information Access Practitioner 
Hertfordshire County Council 
 
The Information Governance Unit supports Hertfordshire County Council's Data 
Protection, Freedom of Information and Records Management activity.
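
A pre-release check for the failure described in the letter above, where blackout markings cover text that is still present in the file: it reads the document's text layer rather than its rendered appearance and reports any term marked for redaction that remains. This is an added example, not part of the council's letter or its process; the function names, the sample name and phone number, and the PDF fragments are constructed, and the parser only covers literal strings in uncompressed or Flate-compressed streams.

```python
import re
import zlib

def text_layer(pdf: bytes) -> str:
    """Return the literal strings found in every content stream, concatenated."""
    parts = []
    for raw in re.findall(rb"\bstream\r?\n(.*?)\nendstream", pdf, re.S):
        try:
            data = zlib.decompress(raw)      # FlateDecode stream
        except zlib.error:
            data = raw                       # stream was stored uncompressed
        # PDF literal strings "( ... )" as used by the Tj / TJ operators.
        for s in re.findall(rb"\(((?:\\.|[^\\()])*)\)", data):
            parts.append(re.sub(rb"\\(.)", rb"\1", s).decode("latin-1"))
    return "".join(parts)

def squash(s: str) -> str:
    """Drop whitespace and case so split or kerned text cannot hide a match."""
    return re.sub(r"\s+", "", s).lower()

def residual_terms(pdf: bytes, terms: list[str]) -> list[str]:
    """Terms marked for redaction that are still present in the text layer."""
    layer = squash(text_layer(pdf))
    return [t for t in terms if squash(t) in layer]

def sample_pdf(content: bytes, compress: bool = False) -> bytes:
    """Constructed single-stream PDF fragment, just enough for this check."""
    body = zlib.compress(content) if compress else content
    flt = b" /Filter /FlateDecode" if compress else b""
    return (b"%PDF-1.4\n4 0 obj\n<< /Length " + str(len(body)).encode() + flt
            + b" >>\nstream\n" + body + b"\nendstream\nendobj\n%%EOF\n")

# Constructed sample data: the name and number are made up.
TERMS = ["Jane Example", "07700 900123"]
BOX = b"0 g 120 695 220 14 re f\n"           # filled black rectangle drawn on top
OVERLAY_ONLY = sample_pdf(
    b"BT /F1 12 Tf 72 700 Td (Contact: Jane Example 07700 900123) Tj ET\n" + BOX)
EXCISED = sample_pdf(b"BT /F1 12 Tf 72 700 Td (Contact: ) Tj ET\n" + BOX)

if __name__ == "__main__":
    for name, doc in (("overlay only", OVERLAY_ONLY), ("excised", EXCISED)):
        left = residual_terms(doc, TERMS)
        print(f"{name}: {'HOLD, still extractable: ' + str(left) if left else 'ok'}")
```

Both sample documents render the same black box; only the text-layer check tells them apart, which is why a visual proof-read of the output is not sufficient.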
 