This site is intended for health professionals only


Soaring numbers of data handling breaches revealed

Exclusive: The number of data handling breaches across the health service is spiralling as electronic exchange of patient information increases the risk of it being accessed inappropriately, new figures reveal.

Data obtained from the Information Commissioner's office under the Freedom of Information Act revealed that between April 2011 and this January there were 442 cases where NHS or private health providers admitted ‘personal data security breaches' or where they had complaints under data protection law upheld.

The findings come just weeks after the Information Commissioner proposed fining Brighton and Sussex University Hospitals NHS Trust a record £375,000 after hard drives containing patient data were sold on eBay. The trust has challenged the suggested penalty.

The Information Commissioner has already upheld 286 complaints over a breach of the data protection act in 2011/12 so far, compared with 274 in the whole of the previous financial year and 212 in 2008/09. Health services have reported 156 ‘personal security data breaches' so far, just 10 less than across all of 2010/11.

GP leaders said the Government needed to examine the findings to find ways of preventing the spiralling amount of data being processed electronically by the NHS from leading to further increases in data breaches.

Dr Chaand Nagpaul, a GPC negotiator and a GP in Stanmore, said: ‘The volume of data currently being recorded electronically is increasing. But it is incumbent on the Government to analyse whether there is a pattern behind this or a specific cause, as the numbers of breaches are going up.'