University of Greenwich
The University of Greenwich has been sentenced to a fine of £120,000 ($160,000) by the Information Commissioner.
The fine for a security breach, in which personal data of 19 500 students has been put online.
The data included names, addresses, dates of birth, telephone numbers, signatures, and – in some cases – physical health problems.
He was transferred to a microsite for a training conference in 2004, which was then not secured or closed.
In 2013, it has been compromised and the information, which had been published in the margins of the committee meeting minutes, has been published elsewhere.
In some cases individual students ‘ study progress, including the reasons why they had fallen behind, and copies of e-mails between them and the staff.
In an example, it has been revealed that a student had a brother who was fighting in a Middle Eastern army and references have been made to an application for asylum.
The violation was discovered by one of the students, who brought the matter to the attention of the BBC and the Information Commissioner’s Office (ICO)..
The Information Commissioner said Greenwich was the first university to receive a fine under the Data Protection Act 1998 and describes the violation as “serious”.’Distress’
“While the microsite has been developed in one of the departments without his knowledge, as a data controller, he is responsible for the security of the data throughout the institution,” said Steve Eckersley, head of enforcement at the ICO.
“The students and staff members have the right to expect that their personal data are kept securely and this serious violation has caused a lot of distress.
“The nature of the data and the number of people affected were informed of our decision to impose this level of fine.”
In a statement, the university said that it would not appeal the decision.
He said that he had carried out “a redesign is unprecedented,” its data protection and security systems since the discovery of the breach in 2016, and it has invested in technology and staff.
He also said that the fine would be reduced to £96,000 with a cash discount.
“We recognize the ICO’s findings and to apologise again to all those who have been affected,” said Secretary of the University Peter Garrod.
“No organization can say that it will be protected from unauthorized access in the future, but we can say with confidence to our students, staff, alumni and other stakeholders, that our systems are much more robust than they were two years ago as a result of the changes we have made.
“We take these matters very seriously, and keep our procedures to ensure they reflect best practices.”