UK councils have recorded thousands of data breaches over the past three years, according to a report released by privacy group Big Brother Watch.
The A Breach of Trust report was compiled using Freedom of Information requests, and found 4,236 incidents of sensitive data breaches between April 2011 and April 2014, a rate of almost four a day.
The report listed 628 instances of "incorrect or inappropriate" data being shared by email, letter and fax, 260 cases in which confidential data was lost, and 99 cases of unauthorised people accessing or disclosing data.
Following the release of the report, Big Brother Watch has called for the tightening of regulation around data breaches and said that council workers should face jail terms in serious cases.
This comes after it was found that only one in 10 of the council data breaches resulted in disciplinary action.
"Current penalties for serious data breaches do not deter individuals who are seriously considering breaking the law. Judges presented with serious data breaches should be able to hand out custodial sentences if the perpetrator is found guilty of a serious breach," the report stated.
The group called for mandatory training in security for council workers, and highlighted "concerns at the ease with which a breach can unwittingly occur due to poor training and management".
Emma Carr, director of Big Brother Watch, said that the findings indicate "lax attitudes" when it comes to protecting sensitive data.
"Despite local councils being trusted with increasing amounts of our personal data, this report highlights that they are simply not able to say it is safe with them," he added.
"Far more could be done to prevent and deter data breaches from occurring. Better training, reporting procedures and harsher penalties available for the most serious of data breaches, including criminal records and custodial sentences, are all required."
However, the report shows that data breaches by malicious hackers are far less common than those resulting from human error.
One example was Windsor and Maidenhead Borough Council mistakenly posting personal information on 257 people on its intranet, while another involved a CCTV worker using the surveillance system to watch a colleague's wedding.
The Local Government Association, which promotes the activities of local authorities, told V3 that "councils take data protection extremely seriously".
"Staff are given ongoing training in handling confidential data. Given the huge volume of data councils handle, breaches are proportionately rare. When they do occur, robust investigations and reviews are immediately undertaken to ensure processes are tightened," the organisation said.
However, Phil Barnett, EMEA vice president and general manager of Good Technology, said that the figures show a "shockingly naïve approach" to public data protection.
"With the public's trust diminishing, government bodies need to take matters into their own hands," he said.
"The best approach for minimising security threats is a combination of stringent security policies, the correct tools and education. Education is vital, as it equips the workforce with the knowledge they need to make informed decisions and evaluate potentially risky situations."
Luke Brown, vice president and general manager at security firm Digital Guardian, said that it is difficult to combat human error.
"There are numerous technologies out there designed to combat human errors and more malicious insider threats. Small investments can go a long way, so it's mystifying that local authorities aren't taking more advantage of the solutions available," he said.
FBI briefing US companies to dump Kaspersky, claiming intelligence prove it a 'threat to national security'
Kaspersky rejects FBI accusations that its products are a 'threat to national security'
But breached contractor says that it simply didn't have that much data
EE follows Three in threatening legal action against Ofcom - but for entirely different reasons
The One X is already sold out at several retailers