ICO Upholds Lambeth Council's Refusal on Information Request

The ICO has upheld Lambeth Council's refusal of one information request under the Environmental Information Regulations (EIR) 11(2) and 5(2). However, the Council breached EIR 5(2) by failing to respond within 20 working days and EIR 11(2) by not completing an internal review.

ICO Upholds Complaint Against Birmingham City Council for Delayed Planning Information

The UK's Information Commissioner's Office (ICO) has upheld a complaint against Birmingham City Council for failing to provide planning information within the statutory 20-working-day timeframe. The ICO found the council in breach of the Environmental Information Regulations (EIR).

ICO Updates UK GDPR International Transfer Guidance

The UK's Information Commissioner's Office (ICO) has updated its guidance on international personal data transfers under UK GDPR. The revised guidance aims to simplify compliance for businesses by introducing a 'three step test' and clarifying complex areas.

ICO Fines Two Companies £225,000 for Nuisance Marketing

The UK's Information Commissioner's Office (ICO) has fined Allay Claims Ltd and ZMLUK Limited a total of £225,000 for sending millions of unsolicited marketing messages. Allay Claims was fined £120,000 for unlawful text messages, and ZMLUK Limited received a £105,000 fine for unlawful marketing emails.

ICO Investigates Grok AI for Non-Consensual Imagery

The UK's Information Commissioner's Office (ICO) has opened a formal investigation into X Internet Unlimited Company and X.AI LLC regarding their Grok AI system. The investigation will assess compliance with data protection laws concerning the potential generation of non-consensual sexual imagery, including of children.

ICO Reprimands GP Surgery for Excessive Medical Data Disclosure

The UK's Information Commissioner's Office (ICO) has reprimanded Staines Health Group for sending 23 years of a terminally ill patient's medical records directly to an insurer, instead of the requested five years to the patient. The ICO cited a lack of written processes and inadequate training as contributing factors.

ICO Fines MediaLab £247,590 for Children's Privacy Failures

The UK's Information Commissioner's Office (ICO) has fined MediaLab, owner of Imgur, £247,590 for unlawfully processing children's personal data. The investigation found MediaLab failed to implement age checks and obtain parental consent, putting children at risk of exposure to harmful content.

OIG Audit: Medicaid Agencies Made $207M in Unallowable Payments for Deceased Enrollees

The HHS OIG has released an audit report finding that Medicaid agencies made an estimated $207.5 million in unallowable capitation payments to managed care organizations on behalf of deceased enrollees between July 2021 and June 2022. The report recommends CMS provide agencies with data to recover payments and explore OBBB Act implementation.

Maine Medicaid Autism Services Improper Payments

The HHS OIG has issued a report finding that Maine made at least $45.6 million in improper fee-for-service Medicaid payments for autism services provided to children. The audit identified that all sampled claims were improper or potentially improper, leading to recommendations for refunds and improved provider guidance.

HHS OIG: ACF Can Improve Homeless Youth Services Compliance

The HHS Office of Inspector General (OIG) issued a report finding that the Administration for Children and Families (ACF) can improve services to homeless youth by strengthening grant recipients' compliance with Transitional Living Program (TLP) requirements. The audit found significant documentation gaps in service provision for a large percentage of youth served by TLP grants.