Non-U.S.

UK: NHS radiographer, 32, faces jail after illegally accessing more than 200 female patients’ personal records before hounding them for dates

Sophie Law reports: An NHS radiographer who illegally accessed the personal records of more than 200 female patients before pestering them for dates is facing jail. Andrew Stewart, 32, who worked at hospitals in Lanarkshire and Ayrshire, used his position to look up patient files of women he had been treating and made a note of their...

IT vendor fined after data of 47,800 students, parents and staff of Singapore schools hacked

Nicole Chang reports: IT vendor Learnaholic has been fined S$60,000 after the personal data of more than 47,000 students, parents and staff of various schools were hacked. The organisation provided services including attendance-taking and e-learning systems to schools in Singapore under a contract with the Ministry of Education. However, lapses in its security arrangements...

JP: More HDDs with personal data found to be auctioned

Officials of Kanagawa Prefecture say nine more hard disk drives with taxpayers’ personal information are still missing in addition to another nine drives that have been recovered. The 18 HDDs were auctioned away online by a worker of a recycling firm in violation of contracts. Read more on NHK.

Fine against hospital due to data protection deficits in patient management

From the European Data Protection Board: The Commissioner for Data Protection and the Freedom of Information Rhineland-Palatinate imposed a fine of 105,000 euros on a hospital in Rhineland-Palatinate. The fine is based on several breaches of the General Data Protection Regulation in the framework of a patient mix-up when admitting the patient. This resulted...

UK: ICO enforcement action for insider snooping breach

From the Information Commissioner’s Office, this announcement: A former Social Services Support Officer at Dorset County Council has been prosecuted for accessing Social Care records without authorisation. An internal investigation found that Ms Shipsey had inappropriately accessed the Social Care records without any business need to do so. The records related to four individuals...