News

NHS accounts for 30% of data breaches in past two years

Warwick Ashford

Over 200 NHS organisations have admitted to losing sensitive personal information in the past two years, according to the Information Commissioner's Office (ICO).

These data breaches account for nearly 30% of all data breaches reported to the ICO since HMRC lost 25 million child benefit records in November 2007.

Nearly a third (32%) of all breaches reported involved theft.

The ICO said it has investigated organisations, including several NHS bodies, that have failed to secure their premises and hardware adequately.

Mick Gorrill, assistant commissioner for investigations, said organisations, especially NHS bodies, should ensure the level of security is appropriate for the type of data they are holding.

The ICO has taken action against 54 organisations for the most reckless breaches in that time, said David Smith, deputy information commissioner.

"We expect the prospect of a significant fine [from 2010] for reckless or deliberate data breaches will focus minds at board level," he said.

UK organisations that break data protection rules could face fines of up to £500,000 under new ICO powers scheduled to come in to force from next year.

The new powers will give the ICO formal inspection powers across government.

The ICO will also increase its auditing role to ensure greater compliance with the Data Protection Act.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy