Hospital fined after data theft6th June 2012
Brighton and Sussex University Hospitals Trust has been fined £325,000 by the Information Commissioner's Office after computer hard drives were stolen from a hospital.
Data was stolen from Brighton General Hospital in September 2010 which contained confidential information about tens of thousands of patients.
The theft happened when a person who worked for the Sussex Health Informatics Service was tasked with destroying 1,000 hard drives.
The worker then removed at least 252 hard drives from the hospital and sold them to an eBay seller.
A data recovery company who bought four of the hard drives from the eBay seller discovered the information.
Data which related to HIV and GUM was found on hard drives sold on eBay in the winter of 2010.
According to the ICO, the information showed disability living allowance forms, children's reports, details about medical treatment and conditions, as well as staff information.
The ICO said the fine was the largest it had ever given a NHS trust. However, the trust said it did not have the money to pay the fine and would launch an appeal against the decision.
The ICO's deputy commissioner David Smith said the high fine set "an example for all organisations - both public and private - of the importance of keeping personal information secure".
The trust's chief executive, Duncan Selbie, responded: "We dispute the Information Commissioner's findings, especially that we were reckless, and a requirement for any fine."
Share this page
There are no comments for this article, be the first to comment!
Post your comment
Only registered users can comment. Fill in your e-mail address for quick registration.
Title: Hospital fined after data theft
Author: Jess Laurence
Article Id: 22061
Date Added: 6th Jun 2012