The owner of high tech retail outlet PC World has been warned to review its information security and staff training procedures after customer information was discovered in a skip outside one of its stores.
The data protection breach came to light after the Information Commissioner’s Office was told by a local authority’s environmental health department that it had found the eight completed customer credit agreements, which included personal and financial data in January this year.
The ICO said that the paperwork related to transactions undertaken two years earlier. The documentation had been retained beyond the period specified in the Data Protection Act and disposed in a manner inconsistent with it, it added. PC World should have transported the customer credit agreements in sealed containers to a central facility for secure shredding.
"As a result of this incident, the Commissioner also formed the view that the data protection training given to the data controller’s staff was limited," the ICO said.
Although PC World owner DSG Retail will not be fined on this occasion, John Browett, its chief executive, has been required to sign a formal undertaking to prevent a similar breach from happening again. The firm has been instructed to review its security procedures and train staff on how to comply with its security policies.
Replies (0)
Please login or register to join the discussion.
There are currently no replies, be the first to post a reply.