A councillor has said Lichfield District Council is “verging on negligent” by continuing to use unencrypted laptops three years after the issue was first identified.
Cllr Joanne Grange’s comments came at a meeting of the audit and member standards committee.
The session was debating a report which revealed that the local authority has been using a number of laptops since 2017 without adequate security measures.
“I would struggle to sleep at night”
Cllr Grange told the meeting she would “struggle to sleep” if the data of a local resident was stolen as a result of the use of computer equipment without the correct security steps in place.
“While I appreciate COVID-19 has made things difficult, these are not new risks – the laptops has been a risk since 2017.
“I’m nervous letting this go. If we were subject to a hacking attack or if we lost residents’ data knowing what we know about the risks and how long they take to be addressed that feels very uncomfortable and verging on negligent.
“I’d want some assurance on how we can be certain residents’ data is safe.
“If we facilitate someone’s identity being stolen or suffering financial loss I would struggle to sleep at night having just agreed to roll the work over until February.”Cllr Joanne Grange, Lichfield District Council
Cllr Dave Robertson, Labour representative for Curborough ward, said the council may need to put more resource into protecting data held about residents.
“If there is that significant a resourcing issue which has been there since April or May time and is likely to be there through December, do we need to be talking about whether we get some more staffing resources into IT?
“There is significant data which we don’t have full assurance about its security.”Cllr Dave Robertson, Lichfield District Council
Cllr Grange, independent representative for Chadsmead ward, said the council needed to take the risks associated with the security of all data seriously.
“The risk is not to the council – but it is to our residents.
“It’s bank account details and National Insurance numbers for our employees as well as residents.
“We have got a very big responsibility when we are holding data that can identify people.
“The perception I’m getting is that as a council we are not taking this seriously.”Cllr Joanne Grange, Lichfield District Council
“We take the security of residents’ data extremely seriously”
A spokesperson for Lichfield District Council said the laptops were due to be phased out in the New Year.
“We take the security and protection of our residents’ data extremely seriously and work with the National Cyber Security Centre to continuously monitor our network and computers.
“Of the total laptops the council has in active use, only 13 of these are unencrypted and have no residents’ personal data stored on them.
“As the 13 machines are nearing the end of their useable life, they have been identified to be replaced by January 2021.”Lichfield District Council spokesperson