Information Commissioner’s Office fines barrister for failing to keep client personal data secure

A senior barrister who failed to keep clients’ sensitive personal information secure has been fined £1,000 by the ICO.

Information belonging to up to 250 people, including vulnerable adults and children, was uploaded to the internet when the barrister’s husband updated software on the couple’s home computer.

Some 725 unencrypted documents, which were created and stored on the computer, were temporarily uploaded to an internet directory as a back up during the software upgrade. They were visible to an internet search engine and some of the documents could be easily accessed through a simple search. Six of the files contained confidential and highly sensitive information relating to people who were involved in proceedings in the Court of Protection and the Family Court.

Steve Eckersley, head of enforcement at the ICO said: “People put their trust in lawyers to look after their data – that trust is hard won and easily lost. This barrister, for no good reason, overlooked her responsibility to protect her clients’ confidential and highly sensitive information. It is hard to imagine the distress this could have caused to the people involved – even if the worst never happened, this barrister exposed her clients to unnecessary worry and upset”. To read the ICO’s press release and for a link to the monetary penalty notice, click here.