A ‘SERIOUS’ breach of data protection has taken place at the borough council with councillors unable to discuss the matter on legal advice.

A document about the breach being reported to the Information Commissioner’s Office (ICO) was presented to councillors at a Basingstoke and Deane Borough Council meeting on Monday last week.

However, the audit and accounts committee was told by Kevin Jaquest, the borough council’s executive director of finance and resources, it would be ‘inappropriate’ for the issue to be discussed.

After repeated attempts to ask questions from councillors, Mr Jacquest added: “We have had strong legal advice and as the paper says it’s a part of our process which is of notifying of the referral. It is not appropriate at this stage for members to discuss it and the report is very clear that it is a report for noting.”

At the meeting, Lib Dem councillor Keith Watts, who said he had lodged three questions about the matter beforehand, said: “I don’t accept that at all. The reputational damage of us not discussing it would be relevant here I would have thought.”

Labour councillor David Potter said: “It has gone into the public realm already by being on the agenda. I would not want a discussion, just some questions.”

Despite this, further questions were not answered with the chairman of the panel, Cllr Roger Gardiner, drawing a line under the item, but adding it was ‘not satisfactory’.

Cllr Potter added: “As far as I am concerned this is unacceptable in the sense that it appears on our agenda, there is a report that gives some information clearly, a significant amount of information in regard to the determination of this matter having been classified as serious, and yet beyond that we’re not allowed to make any comment or ask any questions. That really is unacceptable I think.”

A serious breach is defined as an incident of ‘potential detriment to individuals’ or ‘sensitivity of the data’.

The breach was reported to the ICO on December 12 last year with the council meeting report detailing potential risks including reputational damage and a fine from the ICO which can impose £500,000 fines for the most serious breaches of the Data Protection Act. It could be several months before the ICO makes a decision on the case.