The Information commissioner has slapped councils with fines totalling £180,000 as its crack down on poor data practices gathers momentum, with the watchdog having issued fines of over £1m to date.
The cases again show the public sectors failure to take advantage of encryption technologies to protect sensitive data and its continued reliance on paper-based systems for transporting documents.
In the first, Croydon Council was fined £100,000 after a bag containing papers relating to the care of a child sex abuse victim were stolen from a London pub.
Norfolk County Council, meanwhile, was fined £80,000 wrongly disclosing information about allegations made against a parent to a third party.
Both councils had made grave data handling errors, said Stephen Eckersley, head of enforcement at the Information Commissioner's Office (ICO).
“While both councils acted swiftly to inform the people involved and have since taken remedial action, this does not excuse the fact that vulnerable children and their families should never have been put in this situation,” he said.
Both councils were criticised for their inadequate attempts to train staff over how to treat sensitive information.
Croydon Council had a data protection policy in place when the incident took place, but it had not been properly communicated to staff.
Meanwhile the Norfolk council worker that sent sensitive information to the wrong recipient had not completed mandatory data protection training.
The fines come just days after the ICO censured five other councils for data handling errors.
Information commissioner Christopher Graham, and Robert Kerslake, head of the civil service, wrote to public sector chiefs earlier this month urging them to improve their data handling processes.
Graham said he was willing to use his powers to impose fines as high as £500,000 to ensure that public sector bodies took the issue of data protection seriously.
Dr Kuan Hon criticises GDPR consent emails that will only eviscerate marketing databases and 'media misinformation'
Apple squashes Steam Link app on 'business conflicts' grounds
Philip Hammond wants to forget rules that the UK agreed with the EU to ban non-European companies from the satellites
Instapaper to 'go dark' in Europe until it can work out GDPR compliance