Third NHS trust caught in breach of Data Protection Act

The Information Commissioner's Office (ICO) has found a third NHS trust in breach of the Data Protection Act within a month.

The latest enforcement...

The Information Commissioner's Office (ICO) has found a third NHS trust in breach of the Data Protection Act within a month.

The latest enforcement action is against Brent Teaching Primary Care Trust over the theft of two laptops containing personal information about 389 patients.

The laptops were stored in a locked office, but were left out on a desk in breach of the trust's security procedures and were not encrypted.

Brent PCT has signed a formal undertaking to process personal information in line with the Data Protection Act.

Abertawe Bro Morgannwg University NHS Trust and Tees, Esk and Wear Valleys NHS Foundation Trust signed similar agreements in January.

The ICO has ordered a number of other organisations to sign undertakings following breaches of the Data Protection Act.

Organisations include the Home Office, Department of Health, Foreign and Commonwealth Office and Orange Personal Communications Services.

Mick Gorrill, assistant information commissioner, said the ICO was concerned about the way some NHS organisations are transferring sensitive records onto laptops and other mobile devices that are not encrypted.

"Organisations need to ensure they implement appropriate safeguards to ensure personal details about patients are processed securely," he said.

The Brent Teaching Primary Care Trust has undertaken to ensure staff are adequately trained and to encrypt all portable and mobile devices used to store and transmit personal information.

Failure to meet the terms of the undertaking is likely to lead to further enforcement action by the ICO, said Gorrill.

Read more on IT legislation and regulation

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

Close