Council confidential data loss causes ICO concern
Welsh councils are not doing enough to protect people's confidential data from falling into the wrong hands, according to the UK information watchdog.
Eight of Wales' 22 councils have had cases of data being lost or stolen in the last three years.
The Information Commissioner's Office (ICO) in Wales says it has "deep concern".
Councils involved have told BBC Wales they take protecting data seriously and have tightened procedures.
Among the cases, five laptops and four memory sticks containing sensitive information have been lost by local authorities.
The information was obtained under the Freedom of Information Act by privacy and civil liberties group Big Brother Watch which published its findings online in November and which showed 132 councils 'lost private data' across UK councils.
In one instance in February 2009, Cardiff council wrongly sent the names and addresses of 2,400 children in need and on a child protection register to the NHS.
A Cardiff council spokesperson said the disclosure was made in error and that prompted action by the partner agency that received the data and the local authority, ensured the matter was quickly identified and that risks associated with the disclosure were contained.
A spokesperson said: "The recipient of the data undertook to ensure that the data they had received was destroyed.
"The council established that the disclosure was the result of human error and ensured that the census process was clarified to avoid future errors of this type."
'Lot of distress'
In other cases, five laptops and four memory sticks containing sensitive information has been lost by councils.
Councils involved have told BBC Wales they take protecting personal data very seriously and have tightened procedures.
But Anne Jones, assistant commissioner for Wales at the IOC, told BBC Wales they have "serious concerns" about the number of cases where councils misplace sensitive personal information, calling the situation "very serious".
She said: "We're talking about sensitive information going to the wrong people, and that is going to cause a lot of distress for individuals... people don't want that kind of information in the public domain, which is what could happen here."
Mrs Jones said councils needed to do more so that staff were aware of the seriousness of losing personal information.
"We're trying to achieve a culture of compliance, of good data handling practice, where it becomes second nature for staff to do things properly.
"It's staff error; it's inattention to detail, that's the area that really needs to be tightened up."