A council has been fined £150,000 for publishing sensitive personal information about a traveller family on its website.
Basildon Council released details about the family’s disabilities, including mental health issues, in a planning application.
The Information Commissioner’s Office (ICO) says the authority failed to remove the personal data.
The council said it was taking legal advice and has 28 days to appeal.
Basildon Council breached the Data Protection Act when it published the information in planning application documents which it made publicly available online, the ICO said.
Its investigation found the authority received a written statement in support of a planning application for proposed works on green belt land on 16 July 2015.
The statement contained sensitive personal data relating to the traveller family who had lived on the site for several years.
The ICO said an inexperienced council officer did not notice the personal information, and there was no procedure in place for a second person to check it before it was published online.
The information was only removed on 4 September 2015 when the concerns came to light.
ICO enforcement manager Sally Anne Poole said: “This was a serious incident in which highly sensitive personal data, including medical information, was made publicly available.
“Planning applications in themselves can be controversial and emotive, so to include such sensitive information and leave it out there for all to see for several weeks is simply unacceptable.”
A Basildon Council spokesman said: “The council has been given 28 days in which to lodge an appeal against this decision. We are taking advice and considering our position.”