Log In
Tuesday 24th April 2018

Data breaches in NHS worst

29th April 2010

The NHS is the worst offender among any UK organisation for serious data breaches.


The Information Commissioner’s Office says since the end of 2007 it has the highest number of serious breaches, accounting for more than 30% of the total reported.

The figures were outlined by David Smith, deputy commissioner at the ICO, at the Infosec security conference.

The NHS, which is in the process of rolling out electronic patient records, had 287 breaches to it in the period. Included in that total were 113 cases resulting from stolen data or hardware, with 82 cases of lost data or hardware.

However, he did acknowledge that while the public sector reported all breaches, that was not always the case in the private sector.

Richard Vautrey, the deputy chair of the British Medical Association’s GPs committee, thought the number of breaches reflected the size and complexity of the NHS along with its culture of openness.

“So many people have access to data and often human error is to blame. There is an increased attempt to be open and honest about what happens to data,” he said.

Reporting procedure for data breaches in the UK is voluntary although the ICO is seeking a compulsory system and in April introduced fines of up to £500,000 for serious data breaches.

Data encryption firm PGP welcomed the move, saying that organisations had continued to ignore the warning signs.

“They are risking both the privacy of their customers and the reputations of their brands,” said Jamie Cowper, PGP European marketing director.


Share this page


There are no comments for this article, be the first to comment!

Post your comment

Only registered users can comment. Fill in your e-mail address for quick registration.

Your email address:

Your comment will be checked by a Healthcare Today moderator before it is published on the site.

M3 - For secure managed hosting over N3 or internet
© Mayden Foundation 2018