In response to a regulatory complaint by Advice Resolutions, the Information Commissioners office adjudicates against London Borough Council ordered to produce an Action Plan after breaches of the Data Protection Act 2018.
The London Borough Council delayed responding for over a year to several requests to furnish Advice Resolution’s client with subject access data they were entitled to pursuant to the Data Protection Act 2018.
Although protracted documents were exchanged over the course of the year, little or no attempt was made to provide the data. The seriousness of which led Advice Resolutions to apply for a regulatory assessment from the Information Commissioner’s office.
The London Borough is a public authority and there was a higher expectation that their efficiency of a response would have been forthcoming much sooner.
The delayed provision of a data subject’s personal data can result in severe distress, financial loss, distrust and a breakdown of relations between the Data Controller who has initial control of the data and to whom further consent is given to process the data, namely, the Data Processors.