DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

UK: Royal Wolverhampton breached Data Protection Act – ICO

Posted on August 24, 2010November 1, 2015 by Dissent

To follow up on a breach mentioned previously on this site, the Information Commissioner’s Office has found that Royal Wolverhampton Hospitals NHS Trust breached the Data Protection Act (DPA) after the loss of 112 patient records from the Intensive Care Unit of New Cross Hospital’s Heart and Lung Unit. The unencrypted patient records were on a CD that was discovered at a bus stop near the hospital. There was no password protection on the CD, either. Previous reports had suggested that the CD contained data on over 800 patients. In a statement from the ICO, Mick Gorrill, Head of Enforcement at the ICO said:

“The fact that this information was several years old is of no consequence – patients’ personal data should always be handled in accordance with the Data Protection Act. I am pleased that the Trust has agreed to take remedial steps to ensure such an incident does not happen again.”

Investigations by the Trust and the ICO were unable to ascertain exactly why or how the CD was ever made, although it was established that there were areas of weakness in the Trust’s data protection procedures. This included a lack of timeliness in recalling patients’ charts that had been released to consultants.

The Trust has agreed to sign a formal Undertaking outlining that it will now process personal information in line with the DPA. The Trust will implement a number of security measures to protect personal information more effectively. These include ensuring that patient charts released to consultants are signed for on receipt and chased for return after just one week. Compliance with the Trust’s policies on data protection and records management will also be regularly monitored.

Source: Information Commissioner’s Office

Related Posts:

  • UK: Wolverhampton council in huge data leak blunder
  • UK: Hospital bosses told to improve security
  • UK: Birmingham Children’s Hospital found in breach…
  • NHS staff to improve data handling after details of…
  • NHS puts over 20,000 records at risk

Post navigation

← Ie: Fax leak of patient details 'not an isolated incident'
Iowa hospitals crack down on employee snooping →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Russian hackers exploiting Outlook bug to hijack Exchange accounts
  • Britain dismisses report claiming Sellafield nuclear site hacking, says no malware exists on our system
  • 23andMe data breach: Hackers accessed data of 6.9 million users
  • AlphV claims they have started contacting some of Tipalti’s clients (1)
  • Research: Privacy as Pretense: Empirically Mapping the Gap Between Legislative & Judicial Protections of Privacy
  • What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US.
  • On September 2nd, the U.S. branch of Great Star Industrial Co. disbursed a ransom of 1 million dollars to a ransomware group
  • Former Public School Information Technology Manager Charged with Damaging School’s Computer Network

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net