- Mobile
iOS App- Newsletters
- Subscribe
- Stakeholders
- Follow:
GOVERNMENT ZONE
- Central government
- Devolved government
- Education
- Health and social care
- Home affairs
- Local government
- Transport
AREA OF INTEREST
- Built environment
- Culture, heritage and museums
- e-government
- Energy
- Finance and pensions
- Innovation, science and technology
- International
- Management and HR
- PFI and partnerships
- Procurement
- Property
- Scotland
- Sustainable futures
- Waste
SISTER SITES
Email
Print
NHS trust fined £60k for 'distressing' data breach
12 July 2012
The London trust has been fined £60,000 by the Information Commissioner's Office for the data breach which the regulator said was both "distressing" for the individual concerned and also "avoidable".
Two letters sent were sent out in May 2011 to an address that the individual had not lived at for nearly five years. This was despite the fact that staff had been given the correct current address, which was also logged on the NHS SPINE national care records service.
NHS staff failed to use the address that had been supplied to them before the patient's examination, and they also failed to check their local database against information held on SPINE.
A prompt had even been set up to remind staff to check and update patient records against SPINE. This prompt could however be bypassed - something the trust knew about before the breach.
"It's hard to imagine a more distressing situation for a vulnerable person than the thought of their sensitive health information being sent to someone who had no reason to see it," said Stephen Eckersley, the ICO's head of enforcement.
"This breach was clearly preventable and is the result of the trust's failure to make sure the contact details they have for their patients are accurate and up to date."
The ICO has now issued four fines to NHS bodies in the past two months, the
largest of which stands at £325,000.
But even higher fines can be issued and the regulator has the power to issue penalties of up to £500,000 for serious breaches of the Data Protection Act.
Information Commissioner Christopher Graham has previously warned of a "systemic" problem in the health service.
And there are now fears from within the NHS that things could soon get worse as a result of Andrew Lansley's controversial health reforms.
Robin Smith, an NHS information governance manager, told Publicservice.co.uk in May that an increased reliance on third party suppliers could result in an "epidemic of data breaches".
Responding to the latest fine a spokesman for St George's Healthcare NHS Trust said that they accepted the penalty and that the trust had "sincerely apologised to those affected for the distress the incident has caused".
"As soon as we discovered this mistake we reported it to the ICO and contacted those affected to explain what had happened," the spokesman said.
"We launched an immediate investigation and have introduced a number of measures to help prevent similar incidents in the future, including clearer documentation and additional training for staff. We have also made improvements to our information systems to ensure that our staff always have access to the most up to date patient contact details."
COMMENTS
RELATED NEWS »
- New NHS won't escape fines for old data breaches
- Private investigators could face £500,000 fines for accessing data illegally
- Patients can stop their data being shared, says Jeremy Hunt
- Patients targeted after GP email account was hacked
- Caldicott 2 – NHS reported 186 serious data breaches in a year
- Police forces face investigation after sending personal data to G4S
- Margaret Thatcher's funeral delays NHS privacy review
SUGGESTED FEATURES »
- The new NHS: Only the fittest will survive and flourish
- Another day, another data breach: how to make sure you aren't next
- On Her Majesty's not-so-secret service: The 'plausible' plot of Skyfall
- Government faces growing data storage demands
- 'NHS must tell patients about data and privacy breaches'
- 'NHS and councils need help as they fall behind on data protection'