Housing association reprimanded for exposing personal information on online portal
Posted 17.04.24
Information Commissioner's Office (ICO): Further reading
The ICO has issued a reprimand to Clyde Valley Housing Association after personal information was accessible to other residents on an online customer portal.
On the first day the portal launched in 2022, a resident discovered they could access documents related to anti-social behaviour cases and view personal information about other residents, including names, addresses and dates of birth.
The resident called a customer service advisor at Clyde Valley Housing Association to flag the breach, but their concerns were not escalated, and the personal information remained accessible for five days.
Following a mass email to residents promoting the portal, four more residents reported the same breach, and the new system was suspended.
The ICO investigation found that the housing association failed to test the portal appropriately before it went live and staff were not clear on the procedure to escalate a data breach.
*****
Return to this month's headlines
KEEP UP-TO-DATE WITH ISSUES AFFECTING THE SOCIAL AND AFFORDABLE HOUSING SECTORS
NEWS AND VIEWS REPORTED IN BRIEF SUMMARY FORMAT, WITH LINKS FOR FURTHER READING
RECOGNISABLE CATEGORY SECTIONS FOR EASY ACCESS
AN ESSENTIAL FREE RESOURCE FOR ANYONE WITH A BUSY SCHEDULE
EDITED BY MIKE SKILTON
CLICK ON THE SECTIONS BELOW FOR ALL CURRENT POSTS - OR THOSE FOR SELECTED PAST MONTHS
Links