On April 18, 2008, the Office of the Irish Data Protection Commissioner, Billy Hawkes, was informed about the theft of four laptops belonging to the Bank of Ireland. Although the laptops, which contained personal data of up to 31,500 customers, went missing in the course of last year, the bank’s management had not been informed until February. The Commissioner’s Office will now conduct an investigation into (i) the reasons why the personal data, including sensitive medical data, had been stored on the laptops; (ii) the security measures used by the bank; and (iii) the reasons for the delay in reporting the loss.

The Irish Data Protection Commissioner’s press release is available at:

http://www.dataprotection.ie/viewdoc.asp?Docid=718&Catid=75&StartDate=1+January+2008&m=n.