Despite having four laptops stolen containing personal election information last year, St Albans council is still failing on data security.
The council had four unprotected laptops stolen containing the personal details of 14,500 postal voters. The machines were not physically secured and the data was not encrypted.
But a report from local government IT managers organisation Socitm, which was brought in by St Albans council to investigate data security failings, says there is evidence of staff sharing passwords and a continuing threat to data security.
The Herts Advertiser reports Socitm consultants have found there is now the physical locking of hardware to desks and the encryption of laptops and memory sticks. However, Socitm found a number of "exposures" were still found, such as staff sharing passwords.
Recommendations in the Socitm report include an updated ICT strategy for the council, audit files for all log-ins and access to databases, and moves to ensure the data trustworthiness of council and Northgate staff, the council's IT outsourcer.
St Albans council has published guidance to those electors affected by the laptop thefts
