Information Commissioner fines family lawyer who stored client files on home computer
Decision reminds practitioners of need to encrypt files used at home
A 'senior' barrister, practising in family law, who failed to keep clients' sensitive personal information secure has been fined £1,000 by the Information Commissioner's Office (ICO).
Information belonging to up to 250 people, including vulnerable adults and children, was uploaded to the internet when the barrister's husband updated software on the couple's home computer.
Some 725 unencrypted documents, which were created and stored on the computer, were temporarily uploaded to an internet directory as a back up during the software upgrade. They were visible to an internet search engine and some of the documents could be easily accessed through a simple search. Six of those files contained confidential and highly sensitive information relating to people who were involved in proceedings in the Court of Protection and the Family Court.
In January 2013 the Bar Council issued guidance to barristers that a computer used by family members or others may, in addition to password protection, require encryption of specific files in order to prevent unauthorised access to confidential material by shared users.
Steve Eckersley, head of enforcement at the ICO said:
"People put their trust in lawyers to look after their data – that trust is hard won and easily lost.
"This barrister, for no good reason, overlooked her responsibility to protect her clients' confidential and highly sensitive information. It is hard to imagine the distress this could have caused to the people involved – even if the worst never happened, this barrister exposed her clients to unnecessary worry and upset."
For the redacted decision, click here.