The Association of School and College Leaders and Holly Park School have signed separate undertakings with the Information Commissioner’s Office after laptops containing sensitive personal data had been stolen. The sensitive personal data in each case included details of health, including trade union members and school pupils respectively. The laptops were unencrypted. The School did not even have a data protection policy in place. The ICO – the UK’s data protection regulator – has once again emphasised the importance of taking appropriate security measures to protect data, particularly with encrypting portable devices. The organisations at the centre of the breaches have agreed to take better steps to encrypt, as well as raising awareness and training amongst its users. The undertakings can be found here: http://www.ico.gov.uk/news/latest_news/2011/laptop-thefts-highlight-the-need-for-encryption-05102011.aspx.