Last week the Information Commissioner's Office issued 2 more fines, this time to Ealing and Hounslow. In both cases they lost laptops containing unencrypted personal data.
The amounts were fairly modest, £80,000 and £70,000 respectively.
Ealing council had a policy in place, so it looks like they hadn't rolled out the technology to implement it.
Security needs more than a nice statement of intent, it needs simple tools in place for all staff. And simple does not mean a vague reference to PGP or using disk encryption. These sort of tools are far to complex for most of us.
Some councils are getting it right. In 2009 when Lancashire council lost 4 laptops, they were remote wiped before anything nasty happened. Councils like Leicester and South Gloucester are using safedrop to send large and sensitive files, giving protection from mis-addressing and interception.
When your staff need to share sensitive files, what tools are available? Check it's not email or ftp.