UK: Information Commissioner hits another NHS Trust after data breaches
Siobhan Chapman reports:
An NHS trust has been hit by enforcement action by the Information Commissioner’s Office following the theft of two laptops containing patient data.
Brent Teaching Primary Care Trust was found to have breached data protection laws, after two laptops were stolen containing the personal information of 389 patients.
The laptops were stored in a locked office, but were left out on a desk in breach of the PCT’s own security procedures. What’s more, the laptops were not encrypted and contained sensitive information, including health details relating to some patients.
The Information Commissioner’s Office (ICO) has taken enforcement action against two other trusts in the last fortnight – Abertawe Bro Morgannwg University NHS Trust and Tees, Esk and Wear Valleys NHS Foundation Trust – in breach of the Data Protection Act.
The ICO has required all three trusts to sign a formal undertaking agreement that they will encrypt all data in future and improve security in line with the Data Protection Act.
Read more in ComputerworldUK