Kingston Council avoids fines over data protection breach
Kingston Council has been let off the hook despite an investigation concluding it breached data protection laws.
An investigation by the information commissioner’s office (ICO) began in May after more than 100 rent statements were posted to the wrong addresses in Chessington.
Residents in Charles Lesser House, Hereford Way, were shocked to find their two-page rent statements contained one sheet of their own information and a second page with somebody else’s personal data.
The council could have faced a fine of up to £500,000 for a serious breach.
In the mix-up, a rent statement from Ewell Road in Surbiton also ended up with a Charles Lesser House tenant.
Housing benefit entitlements, bank details and rent account numbers were all passed on.
At the time Kingston Council apologised for the blunder and blamed a problem with its mailing machine.
A spokesman from the information commissioner said: “After making inquiries into the incident the ICO has ruled the council did breach the data protection act by failing to keep the information secure.
“Following our inquiries and in line with our data protection regulatory action policy we concluded that, on this occasion, no further action was required.”
The head of Charles Lesser House Residents’ Association, Keith Dickinson, 62, said: “It caused a lot of embarrassment for a lot of people, but all that gets swept under the carpet.
“I think it is disappointing if they have been proven to be breaching data laws and do not get some punishment for it.
“If I did something like drive fast on a 20mph road I would get punished.
“It does not surprise me that they got away with it.”
Since April 2007 the information commissioner’s office has received eight complaints against Kingston Council, but only one was upheld with remedial action.
Surrey County Council was fined £120,000 last year after a series of blunders in which it emailed sensitive, personal information about hundreds of vulnerable individuals to the wrong people.