All the latest UK technology news, reviews and analysis

ICO fines Prudential £50,000 for database mix up

06 Nov 2012
Prudential logo

The Information Commissioner's Office (ICO) has fined insurance and pensions giant Prudential £50,000 after a database mix up.

The incident saw two separate customers with the same first name, surname and same date of birth mixed up in its database, a situation that caused thousands of pounds from one of the individual's retirement funds to be placed in the others.

This was despite a warning from one of the customers that he had not changed address in 15 years after he received a letter from the firm confirming his supposed change of address.

The ICO said the firm failed to investigate properly and it took some three years for the situation to be finally resolved in 2010 after the problem was first in the system in 2007.

Stephen Eckersley, ICO head of enforcement, said the case should serve as a warning that firms holding personal data must keep records accurate and up-to-date in order to comply with the Data Protection Act.

"In this case two customer files were consistently confused and the company failed to remedy the situation despite being alerted to the problem on more than one occasion before it was finally resolved," he said.

"This case would be considered farcical were it not for the serious sums of money involved."

Prudential apologised for the mistake and said it had compensated the customers affected but accepted the ICO's findings.

"The problem was rectified in 2010 to the satisfaction of the ICO. We co-operated openly and fully with the review and we accept the fine imposed," it said.

"When this issue came to light we reviewed our procedures and staff training and made changes to minimise the chances of a similar error occurring again."

The fine could be reduced to £40,000 if the firm pays up by 29 November.

The fine is notable as not only is it one of the rarer occasions when the private sector has been fined by the ICO but it relates to data handling practices, rather than data loss - the usual cause of hefty fines from the data watchdog.

"Inaccurate information on a customer's record, particularly when the record relates to an individual's financial affairs, can have a significant impact on someone's life," warned Eckersley.

"We hope this penalty sends a message to all organisations, but particularly those in the financial sector, that adequate checks must be in place to ensure people's records are accurate."

The fine comes after the ICO confirmed to V3 that fines levied against the public sector for data breaches have passed £2m, a notable waste of public funds at a time when front line services are already facing limited budgets.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Dan Worth

Dan Worth is the news editor for V3 having first joined the site as a reporter in November 2009. He specialises in a raft of areas including fixed and mobile telecoms, data protection, social media and government IT. Before joining V3 Dan covered communications technology, data handling and resilience in the emergency services sector on the BAPCO Journal

View Dan's Google+ profile

More on Finance
What do you think?
blog comments powered by Disqus

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?

Popular Threads

Powered by Disqus
Galaxy S5 vs One M8 video review

Galaxy S5 vs HTC One M8 video review

We see which Android contender is best for business

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery


iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Junior Software Engineer - C++ - £18,000 - £22,000

Software Developer - £18,000 - £22,000 A cutting edge...

Java Developer/Programmer/Engineer- Jasper Reports, SQL, Design Patterns

Java Developer/Programmer/Engineer- Jasper Reports, SQL...

VB.NET Developer

Summary: Travel Company requires a VB.Net Developer...

Salesforce Administrator - Guildford - 50k

Salesforce Administrator - Guildford - 50k New exciting...
To send to more than one email address, simply separate each address with a comma.