A PRIVATE housing group based in Christchurch has been reprimanded for breaching the Data Protection Act.

The Information Commissioner’s Office confirmed yesterday that Spectrum Housing Group sent the personal data of 200 employees to the wrong e-mail addresses.

As revealed by the Daily Echo in March, a Spectrum employee accidentally emailed a non-secure Excel spreadsheet containing employees’ data, including details of their pension contributions, to the wrong external email address.

The error was discovered 30 minutes after the email had been sent, at which point the unintended recipient was informed and the data destroyed.

The ICO said its investigation found that at the time of the incident Spectrum Housing did not have a sufficient policy in place to help prevent such incidents and has ordered the company to take action.

Acting head of enforcement, Sally Anne Poole, said: “While on this occasion the information compromised was not sensitive, the fact is that at the time of the incident Spectrum Housing Group did not have appropriate controls in place.

“This case highlights the need for organisations to make sure that adequate checks are put in place and documents are suitably protected before they are sent out.”

Wayne Morris, group chief executive of Spectrum Housing Group, has now signed a formal undertaking to make sure that in the future, spreadsheets or other documents containing personal data are only sent by email where they are necessary and only contain the minimum amount of data required.

At the time the group told the Echo that the error was a “genuine mistake”.

The organisation will also consider password protecting or encrypting documents containing personal information where needed.