HFC Bank in the clear despite admitting data protection lapse

HFC
Bank has avoided censure from the Information Commissioner despite admitting
that it breached data protection regulations when a member of staff sent
e-mails to customers that revealed the e-mail addresses of all 2,600 customers
to whom the message was being sent.

According
to the BBC, automated responses from some recipients were also sent to all
customers on the list, revealing further personal details – such as mobile
phone numbers – and exacerbating the problem.

"I
think there are times when you just have to put your hand up and say it was a
human error,” HFC’s
corporate director Martin Rutland told the BBC MoneyBox programme.

"We
have been sending e-mails out this way for well over a year. They have never
been a problem. In this instance we made a mistake, and we unreservedly
apologise for it."

Data
protection rules require that personal information held by an organisation on
an individual remains confidential, but when HFC, part of the HSBC Group, sent
the e-mails to 2,600 customers of its Marbles credit card service, it breached
the regulations.

According
to the BBC, HFC has informed the UK’s
data protection watchdog, but the Information Commissioner decided to take no
action.

By Daniel Thomas

Sign up to our weekly round-up of HR news and guidance

Receive the Personnel Today Direct e-newsletter every Wednesday

Email(Required)

OptOut

From time to time, we will send you emails about selected products, events and services from Personnel Today and OHW+ - but you can choose to opt-out at any time. If you do not wish to receive these emails, please tick this box.

Phone

This field is for validation purposes and should be left unchanged.

Δ