The Information Commissioner’s Office has hit a clear warning to charities that it won’t go soft on them, after it required the Alzheimer’s Society to sign a formal undertaking agreeing to comply with the Data Protection Act 1998 and improve its security and staff training. This follows the loss of several unencrypted laptops containing the names, addresses, national insurance numbers and salary details of 1,000 UK staff. The ICO – the regulator in charge of enforcing data protection laws in the UK – reiterated its message that it has given out frequently: all portable devices containing personal data must be encrypted and that staff are appropriately trained at all times.