News

ICO concerned about ongoing NHS data breaches

Warwick Ashford

The Information Commissioner's Office (ICO) has found two more NHS organisations in breach of the Data Protection Act.

The chief executives of the NHS Stoke-on-Trent and Basingstoke and North Hampshire NHS Foundation Trust have both signed formal undertakings to improve data security.

The ICO said it remains "highly concerned" that data breaches involving personal information are continuing to occur in NHS organisations.

The NHS accounts for a quarter of all data breaches reported, the ICO said.

"Health bodies must implement the appropriate procedures when storing and transferring patients' sensitive personal information," said Mick Gorrill, head of enforcement at the ICO.

In the latest incidents, 2,000 paper physiotherapy records were lost because they were not filed in NHS Stoke-on-Trent's archive system, and at Basingstoke and North Hampshire NHS Trust, a spreadsheet, containing 917 patients' pathology results, was e-mailed via an unsecure address to another department.

The spreadsheet was not password protected and the receiving department had no business need to have access to the excessive amount of clinical records, the ICO said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy