A visitor to St Bernard’s Hospital found a list of patients scheduled to visit a particular doctor. The list was next to a rubbish bin in a public area of the hospital.
The list included patients’ names, contact numbers, dates of birth…
A complaint was lodged with the Gibraltar Regulatory Authority – and the Gibraltar Health Authority was held to be in breach of the Data Protection Act.
Read more on Panorama.gi.