Two trusts in trouble over data losses26th January 2009
The Information Commisionerâ€™s Office (ICO) has said two health service trusts have breached the Data Protection Act because they lost sensitive information.
Abertawe Bro Morgannwg University NHS Trust had a laptop stolen which was not encrypted and contained the data of around 5,000 patients.
Tees, Esk and Wear Valleys NHS Foundation Trust were guilty of losing an unencrypted memory stick which had patients and staff data stored on it, although it was given back to the trust at a later date.
The ICO said Abertawe Bro Morgannwg University NHS Trust and Tees, Esk and Wear Valleys NHS Foundation Trust had not secured patient records and as a result both had to sign "formal undertakings".
These undertakings require the trusts to outline how they will act to protect patients' records. If the trusts do not satisfy the requirements of the undertaking then they may face further action by the ICO.
The trusts now need to put in place rules to ensure patient data is stored securely, including the encryption of "all portable and mobile devices" which store patient information.
Mick Gorrill, Assistant Information Commissioner at the ICO, said: "Both these cases highlight the importance of implementing the appropriate safeguards to ensure sensitive personal details about patients are processed securely. Even though one case involved the theft of a laptop, the data controller is responsible for ensuring any personal data is adequately protected."
Share this page
There are no comments for this article, be the first to comment!
Post your comment
Only registered users can comment. Fill in your e-mail address for quick registration.
Title: Two trusts in trouble over data losses
Author: Jess Laurence
Article Id: 9937
Date Added: 26th Jan 2009