Data blunder leads to £185,000 fine for NHS trust
Blackpool Teaching Hospitals NHS Trust has been fined £185,000 after the information watchdog said it had “played fast and loose” with personal details of its staff.
In March 2014, the trust inadvertently published confidential data including national insurance numbers, dates of birth, religious beliefs and sexual orientation.
The trust did not notice its mistake for 10 months and it was another five months before they informed affected staff.
Stephen Eckersley, head of enforcement at the Information Commissioner’s Office, said: “This trust played fast and loose with the highly sensitive and private information that was entrusted to them. It seems they ignored their duty to put rules in place to protect staff who deliver hospital services to others.”
Laptop theft leads information watchdog to act against Scottish council
Invigorating the public sector revolution
He said that measures to protect the information from being published were “woefully inadequate or non-existent”.
Staff agreed to provide the information as part of the trust’s promise to publish equality and diversity metrics online.
But the trust used spreadsheets which revealed hidden data when users double-clicked on the data.
The ICO issued fines in similar circumstances against Torbay NHS Trust in July 2012 and London Borough of Islington in August 2013.
Last week, the ICO announced that the Culture, Media and Sport select committee had approved Elizabeth Denham as the new Information Commissioner.
Subject to final approval from the Queen, Denham will take over from incumbent Christopher Graham in summer 2016.
Share this page
CONTRIBUTIONS FROM READERS
Please login to post a comment or register for a free account.
Sensitive data was left unsecured in prison holding area, according to data watchdog
In the first of a series of exclusive interviews, the head of government’s ‘Digital HQ’ talks to PublicTechnology about the Central Digital and Data Office’s work to unlock £8bn...
Authority claims it is taking ‘swift and decisive action’ in response to incident it claims affected several councils
Permanent secretary Alex Chisholm tells MPs that his department has adopted new measures and worked to increase skills
Related Sponsored Articles
The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...
Feli Freeman (not verified)Submitted on 6 May, 2016 - 20:16