ICO reports data-training improvements at NHS trust

Written by Jim Dunton on 21 March 2016 in News

Cambridgeshire Community Services NHS Trust has improved some of the information governance issues exposed by investigations into a series of data losses and thefts, according to the Information Commissioner’s Office.​

Trust chief executive Matthew Winn entered into an improvement undertaking with the ICO last year after a probe into the data breaches at the organisation, which provides a range of health services to residents in Cambridgeshire, Norfolk, Suffolk and Bedfordshire.

While the ICO investigation found that none of the incidents appeared to have caused substantial damage or distress to the individuals affected, it was discovered that trust employees were only required to refresh their information governance training every two years. An annual requirement was introduced nationally in 2013.

The ICO said the level of required mandatory annual refresher training at the trust had been “poor” at the time the improvement undertaking was signed. 

Related content

Police chief signs data-protection undertaking after ICO exposes failings

Cambridgeshire broadband take-up triggers £5.3m boost from BT

In its just-published follow-up report, the ICO said the trust had confirmed the introduction of a range of measures to ensure information governance training was kept up to date.

It said an electronic staff record system had been introduced to enable monitoring of staff compliance with e-learning training on the Health and Social Care Information Centre website.

The ICO said the system was able to identify staff who were on long-term sick leave, maternity leave or secondment, ensuring compliance statistics were recorded accurately.

The follow-up report also said that e-mail reminders were sent to staff about their IG training, which had to be completed within three months of employment commencing, and annually thereafter.

The ICO said: “The review demonstrated that the trust has taken appropriate steps and put plans in place to address the requirements of the undertaking and to mitigate the risks highlighted.”

The improvement undertaking, signed by Winn and ICO head of enforcement Stephen Eckersley in July 2015 suggested that at the time of the data-loss incidents the previous year, only 49% of staff were compliant with information governance training requirements, and that a target of achieving full compliance by March 2015 had been missed.

The ICO said compliance had reached 95% by September 2015.

Share this page




Please login to post a comment or register for a free account.

Related Articles

The coronavirus ‘infodemic’: truth and conspiracy online
15 September 2020

The spread of online misinformation during the Covid-19 pandemic has exacerbated a public health crisis. PublicTechnology digs into a recent parliamentary inquiry to find out...

Personal data of all Welsh coronavirus cases compromised in breach
15 September 2020

Public Health Wales says leak that affected more than 18,000 people to have tested positive was attributable to ‘human error’

Lifesaving data – how NHS Digital has worked with researchers to support coronavirus response
4 September 2020

Research director Tom Denwood explains how the national digital services agency has helped use information to better understand issues including effective treatments for Covid-19 and the...

Related Sponsored Articles

Digital inclusion is vital during the COVID-19 accelerated channel shift
22 September 2020

Accessibility requirements aren’t restrictions that need to be overcome - they’re guidelines to improve online experiences for everyone, says Jadu VP Richard Friend