The Information Commissioner’s Office has warned that fostering and adoption agencies are not transferring data between themselves and local authorities securely enough and need to “take action before it’s too late”.
The ICO has recently published the findings from ten advisory visits to fostering and adoption agencies.
According to the report, sensitive information about both foster carers and children was being emailed between agencies and local authorities without being encrypted, increasing the risk of it being accessed inappropriately. It also criticises organisations for not encrypting mobile devices, such as memory sticks and laptops that are used to transport data.
Other criticisms levelled at organisations include foster carers being expected to provide updates about children via email rather than through a virtual private network, staff carrying out work on data on their home computers, and inadequate data-protection training.
John-Pierre Lamb, ICO group manager in the good-practice team, said: “Agencies and the councils they work with should see this report as a wake-up call and take action before it’s too late.”
The report does note a number of areas of good practice such as having IT access controls based on a person’s job description and having home-working policies.
To address the issues highlighted in the report, the ICO is now working with the Nationwide Association of Fostering Providers, the British Association for Adoption and Fostering and the Fostering Network on producing data protection guidance for the sector.
Social housing sector
A separate ICO report into social housing organisations also warns organisations to improve data sharing policies.
Lamb said: “Clear policies and procedures along with appropriate training and high staff awareness are the cornerstones of good data protection and will help prevent future breaches.”
The report also suggests that organisations look at ways to implement secure printing procedures, such as using swipe cards or a pin code to allow access to the printer.
