Serious Data Breach of Personal Information By Shepway District Council.

Shepway District Council have released the names of 82 individuals in their Excel Payments to Suppliers data, July 2017. The names, addresses and pay data belonging to the dead, disabled persons and temporary staff employed by SDC and others has been released in contravention of the Data Protection Act 1998.

image001

All these individuals names, addresses and pay data should not have appeared in the data, but unfortunately SDC’s lack of sanity checking has revealed them.  The revelation of this data has serious consequences for SDC with regards to the Data Protection Act 1998  and the EU Data Protection Directive. It also means that SDC MUST report themselves to the Information Commissioner’s Office (ICO) the body responsible for Data Protection. If perchance SDC do not, there is no need to worry, for we the Shepwayvox Team, as responsible citizens have reported it to the ICO.

55 of the 82 names relate to temporary staff, who were supplied by eight agencies. They have had their names and hourly or day rates revealed unnecessarily.

These are the agencies and the Departments where the temporary staff were assigned to:

Recruitment Solutions (Folkestone) Ltd – Grounds Maintenance, Royal Miltary Canal, Housing Options, Procurement, Legal Services, Business Support, Customer Services and Leadership & PA Support

HR Go Kent Ltd  – Grounds Maintenance, Charity Areas, Royal Miltary Canal and Toilet Cleaners

Office Angels – Corporate Debt

Venn Group – Legal Services, Benefits & Pump Maintenance

Farrar Planning Ltd – Planning Control

Randstad CPE Ltd – Environmental Protection

Barry Cornelius – Accountancy, Interim Management Services

Anthony Swaine Architecture Ltd – Planning Control

and one self employed person.

The total costs for all these 55 temporary staff for July 2017, was £71,889. And yes we can see how much each of these individuals were paid, including their hourly rate and/or their daily rate of pay.  The Local Government Transparency Code 2015 states that persons on or above £50,000 should be revealed, not persons below this.

The biggest tradegy is that SDC have released the names, addresses and amounts that eight individuals have received from the Disabled Facilities Grants. The total amount SDC revealed was £27,581. This is despicable. This is a very clearly a violation and breach of the Data Protection Principles

SDC have revealed the name of the dead. Three persons received a public health funeral provided for by Chittendens at a total cost of £3,456.

The data also reveals an Early Retirement Contribution to a former SDC employee. They received £12,400 in July 2017.

SDC gained a “Warrant of Possession” against a named individual for Council Tax. To lose one’s home is bad enough, but then to have one’s named  released in SDC’s data, adds insult to injury.

For obvious reasons we cannot and will not reveal these names and addresses or individual amounts of money received. However, we have informed SDC by email and by phone to pull the information from their website as soon as possible. We have also informed the ICO, as we said. We did contact the Out of Hours Team over the weekend, but got no reply.

Also the data reveals that SDC classed the eviction of travellers from a site as “Pollution Reduction” this cannot be politically correct terminology in the 21st Century. Yes the travellers needed to be moved on at a cost of £2,276, but to allocate it to “Pollution Reduction” shows SDC’s mindset and how they see/perceive travellers.

We ask the people of Shepway if they wouldn’t mind a little “Pollution Reduction” with regards to the Conservative led administration. The costs we believe, would be well worth it, don’t you think?

The persons ultimately responsible for serious data breach, is of course, the Chief Executive Alistair Stewart (pictured). Cllr David Drury Monk Leader of SDC (pictured). Cllr Malcolm Dearden, Cabinet Member of Finance (pictured). Cllr Rory Love, Cabinet Member for Customers and Digital Delivery(pictured).

Screenshot from 2017-08-14 09-03-03  MD mONK Screenshot from 2017-08-14 09-08-33

Finally, this balls up by SDC could end up costing the Shepway ratepayer up to £500,000, the maximum the ICO can fine any corporate body. This means we will potentially pick up the tab for their cock up. It’s clear these people do not live in the real world, nor do they seem to care or check the data they publish.

The Shepwayvox Team.

Update

SDC have now pulled the data from their website as is clear from this screen shot (below) at 11.11am Monday 14th August 2017.  The information remained in the public domain for nearly 96 hours (4 days)

Screenshot from 2017-08-14 11-11-07

Advertisements

2 Comments on Serious Data Breach of Personal Information By Shepway District Council.

  1. They are idiots with a capital “C”
    I think we know what the “c” stands for in SDC now too.
    Is no one in SDC’s senior management competent?
    I bet that they blame a junior member of staff or temporary worker….

    Like

  2. Lawrence Corbusier // August 14, 2017 at 15:10 // Reply

    There is at least one other ongoing ICO investigation into the way Shepway elected officers conduct themselves with regards to personal privacy. Watch this space!!

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: