ICO spells out £500,000 penalty plans
The Information Commissioner’s Office has issued guidance on how it will use its new powers to impose penalties of up to £500,000 for breaches of the Data Protection Act. The guidance says the ICO will only issue a monetary penalty notice if there has been a “serious” breach of the DPA, if the breach was […]
News
ICO could fine trusts up to £500k
The Ministry of Justice has launched a consultation into whether the Information Commissioner’s Office should be able to penalise organisations that make serious data breaches with fines of up to £500,000. The consultation ‘Civil monetary penalties: setting the maximum penalty’ asks: “do you consider that a penalty of up to £500,000 provides the ICO with a […]
News
Trust loses cancer patient data
Ashford and St Peter’s Hospitals NHS Trust has been criticised by the Information Commissioner for losing three unencrypted USB sticks containing sensitive information about cancer patients.
News
Private medical records offered for sale
Medical records of patients treated at a private British hospital, The London Clinic, have been illegally sold to undercover investigators. The revelations were made in ITV’s Tonight Programme report, Health Records For Sale, broadcast last night. The programme reported that hundreds of files containing details of patients’ conditions, home addresses and dates of birth were […]
News
GPs warned about fake DPA agencies
GP practices have been warned to look out for bogus data protection firms posing as official government bodies. Londonwide Local Medical Committees has alerted its GPs after it was informed that many organisations were being targeted for the scam. The LMC said letters requesting up to £135 for notification under the Data Protection Act often […]
News
Two Scottish NHS bodies rapped by ICO
The Information Commissioner’s Office has told two different Scottish NHS bodies they must tighten data security after a series of data breaches. In one incident, a senior nursing manager in NHS Grampian inappropriately emailed 50 staff with sensitive personal details relating to a patient. In another incident, NHS Education for Scotland had a laptop containing […]
News
Practice server found in car park
An Ipswich GP has been rapped by the Information Commissioner’s Office after a computer server holding sensitive information was found in the practice car park. Dr Paul Thomas of the Gipping Valley Practice agreed to sign an undertaking to abide by the Data Protection Act after a server containing “the sensitive personal information of a […]
News
ICO issues privacy guide; Salford rapped
The Information Commissioner’s Office has urged organisations to consider privacy before developing new IT systems or changing the way they handle personal information. The call was made as the ICO issued the latest version of its Privacy Impact Assessment handbook, and days after yet another NHS trust was rapped for breaching data protection rules. Salford […]
News
Four more organisations breach DPA
The Information Commissioner’s Office has taken enforcement action against another four NHS organisations, taking the number rapped for data breaches to 14 in six months. Cambridge University Hospital NHS Foundation Trust, NHS Central Lancashire, North West London Hospitals NHS Trust, and Hull and East Yorkshire Hospitals NHS Trust have become the latest organisations to sign […]
News
NHS Camden rapped by ICO
The Information Commissioner’s Office has taken enforcement action against NHS Camden for breaching the Data Protection Act. The ICO has served the primary care trust with an enforcement notice for failing to dispose of a number of computers properly. Redundant, unencrypted computers holding the names, addresses and medical diagnoses of 2,500 individuals were left beside […]
News