UK Health Board Fined Over Breach

First NHS Organization Penalized Under Data Protection Act
UK Health Board Fined Over Breach

The UK has announced the first fine against a National Health Service unit for a breach in violation of the Data Protection Act. The Aneurin Bevan Health Board in Wales was fined £70,000 by the Information Commissioner's Office for sending sensitive patient information to the wrong person.

See Also: The Alarming Data Security Vulnerabilities Within Many Enterprises

"The error occurred when a consultant e-mailed a letter to a secretary for formatting, but did not include enough information for the secretary to identify the correct patient," according to a government press release. The doctor also misspelled the name of the patient, which resulted in the report being sent to a former patient with a similar name, the ICO explained.

An ICO investigation determined that the staff members had not received data protection training and that the organization lacked "adequate checks" to ensure personal information was sent to the correct person.

"The damage and distress caused by the loss of a patient's medical record is obvious, therefore it is vital that organisations across this sector make sure their data protection practices are adequate," says Stephen Eckersley, the ICO's head of enforcement.

"We are pleased that the Health Board has now committed to taking action to address the problems highlighted by our investigation; however organisations across the health service must stand up and take notice of this decision if they want to avoid future enforcement action from the ICO," Eckersley stressed.

A copy of the monetary penalty notice can be viewed here.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.