Hartlepool Borough Council faces hefty GDPR fines if it fails to rectify a number of “issues” highlighted in a report that’s set to go before councillors next week.
Friday 9th December 2022 07:00am
At the councils Audit & Governance Committee set to be held next week, its claimed Hartlepool Borough Councils managed migration onto a new IT system has left concerns by auditors that the authority is potentially failing in its duty to maintain satisfactory GDPR compliance which could in turn lead to Hartlepool Borough Council subjected to hefty fines if the matter is failed to be resolved.
The risk of potential unauthorised use is "significant".....
In the report, its detailed that numerous failings in the councils IT management was found, including one potentially serious issue being that unauthorised access to the councils IT system could be gained, resulting in personal & or sensitive information being taken & used maliciously or fraudulently.
The councils IT systems are said to be undergoing a period of managed migration, as the authority moves to a more updated IT services framework, however its claimed “limited assurances” over the roll out of the project has left auditors concerned that the council has been unable to officially sign off on much of the work as issues over the migration of the councils IT services from the old system to the newer system still remain unresolved.
Redcar & Cleveland Councils IT system "hack" reportedly cost £10.0 Million Pounds to fix
Redcar & Cleveland Councils IT system was downed for months following a cyber attack on its ageing IT infrastructure.
Just two years ago, nearby Redcar & Cleveland council experienced a massive IT system collapse following claims its network was the victim of a “cyber-attack” causing the councils entire IT network to be rendered unusable.
Redcar and Cleveland Council had initially put the repair bill figure at somewhere near ten million pounds to fix after its computers and even its website were targeted, leaving the local council left going back to pen & paper when its IT infrastructure was rendered totally inoperable for months before being eventually resolved.
In Hartlepool, questions in the past have been raised into council officers managing to access a residents personal information from the councils IT systems, leading to concerns that officers could potentially use that information for malicious purposes with some officers unfettered access to local residents personal information leaving residents personal information extremely vulnerable to their information being used for malicious purposes..
In the report set to go before councillors next week, its claimed the council now has a detailed action plan to managed the risks highlighted in the auditors report of the councils IT system
Comments