Passport Agency Violates Data Protection Act Over Lost Data

The Information Commissioner's Office (ICO) has revealed that the Identity and Passport Service breached the data protection act after losing 21 passport applications that contained information about the applicants.

The ICO informed that the affected people were informed and given new passports, and that they had received no complaints about the data being used by a third party, The Guardian reports.

The IPS has also signed an undertaking under which it has agreed to deploy a number of measures that would ensure that a breach like this is not repeated. The measures involve their staff being trained on how to handle sensitive documents.

Mick Gorrill, head of enforcement at the ICO, said in a statement, “a passport is an important identification document and it is clearly of concern that information relating to renewal applications has been lost.”

The government department has also agreed to conduct and document audits of the security measures being used to protect the processing of the personal data.