ICO concerned about ongoing NHS data breaches


ICO concerned about ongoing NHS data breaches

Warwick Ashford

The Information Commissioner's Office (ICO) has found two more NHS organisations in breach of the Data Protection Act.

The chief executives of the NHS Stoke-on-Trent and Basingstoke and North Hampshire NHS Foundation Trust have both signed formal undertakings to improve data security.

The ICO said it remains "highly concerned" that data breaches involving personal information are continuing to occur in NHS organisations.

The NHS accounts for a quarter of all data breaches reported, the ICO said.

"Health bodies must implement the appropriate procedures when storing and transferring patients' sensitive personal information," said Mick Gorrill, head of enforcement at the ICO.

In the latest incidents, 2,000 paper physiotherapy records were lost because they were not filed in NHS Stoke-on-Trent's archive system, and at Basingstoke and North Hampshire NHS Trust, a spreadsheet, containing 917 patients' pathology results, was e-mailed via an unsecure address to another department.

The spreadsheet was not password protected and the receiving department had no business need to have access to the excessive amount of clinical records, the ICO said.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy