Student Loans Company criticised over data breaches

The Information Commissioner's Office has criticised the Student Loans Company after data breaches involving students' personal records.

The ICO noted three incidents, where information - including medical details and a psychological assessment - had been sent to the wrong people.

Not enough checks were carried out when documents were being scanned to add to students' accounts, the ICO found.

The SLC said it had since put in place additional quality checks.

The three incidents, which involved the records of five individuals, were reported by the Student Loans Company (SLC) to the ICO.

ICO head of enforcement Stephen Eckersley said: "For the majority of students, the Student Loans Company represents a crucial service that they rely on to fund their studies.

"Students are obliged to provide personal information to the loans company, both while they receive the loan and in the years when they are paying it back, and they are right to expect that information to be properly looked after.

"Our investigation showed that wasn't happening. We've spoken with the company and made clear that changes need to be made, and a formal undertaking is now in place."

A SLC spokeswoman said the data breaches took place in 2012.

"Our investigations found that these data breaches were caused by human error when we were manually assessing the eligibility of students applying for Disabled Students' Allowance. Those customers whose details were disclosed were advised of this.

"When we realised our mistake, we immediately contacted the person or organisation the information had been sent to, to apologise for our mistake and to make sure the details were deleted.

"We also reported the breaches to the ICO and will continue to keep them updated.

"SLC takes our responsibilities seriously to protect customer data under the Data Protection Act. We have put in place additional quality checks and are confident these will prevent this from happening again.

"We are also investing significantly in new technology and systems to improve our service to customers."