UK GDPRGovernment

Birmingham Children's Trust Community Interest Company

Children's Data

Authority

ICO

Country

United Kingdom

Date Issued

March 17, 2024

Industry

Government

Summary

The ICO issued a reprimand to Birmingham Children's Trust for disclosing irrelevant and unauthorized criminal allegations against a child within a care plan sent to the family. The breach violated data minimization and security principles under UK GDPR by including sensitive information that was neither necessary for the plan nor authorized for the family's access.

Violation Types

Children's DataSecurityData Processing

Articles Violated

View original enforcement decision

Related Enforcement Actions

Reddit, Inc.

ICO · UK GDPR · February 22, 2026

€17M

Capita plc and Capita Pension Solutions Ltd

ICO · UK GDPR · October 14, 2025

€16M

TikTok Inc.

ICO · UK GDPR · May 14, 2023

€15M

Advanced Computer Software Group Limited

ICO · UK GDPR · March 25, 2025

€4M

LastPass UK Ltd

ICO · UK GDPR · November 19, 2025

€1M

Avoid enforcement risk with automated compliance

IQWorks helps organizations automate UK GDPR compliance before regulators come knocking.

Talk to an Expert