This site is intended for health professionals only

At the heart of general practice since 1960

Warning over patient data security following breaches

By Nigel Praities

The Information Commissioner has issued a warning over the security of patient data after it uncovered several serious breaches by NHS organisations, including patient notes being left on a bus.

The commissioner's office said five NHS organisations were found to have lost sensitive patient information and has reminded all NHS organisations about their responsibilities under the Data Protection Act

The security breaches included the reported loss of the medical treatment details of 20,000 patients from the cardiology department of the Royal Free Hampstead NHS Trust.

Since this initial report, the Trust has admitted to the ICO that it cannot be precise about the information contained on the disk.

Epsom and St Helier University Hospital NHS Foundation Trust was storing hospital records insecurely for nearly two years after data was transferred between hospitals.

A spokesperson from the trust said: 'We recognise the seriousness of the incident and immediately after it was reported, the notes were moved to a secure location and a full investigation was launched.'

The Hampshire Partnership NHS Trust and Chelsea, Surrey and Sussex NHS Trust and Westminster Hospital Foundation Trust also reported breaches involving the loss of records from nearly 800 patients and staff, including a ward handover sheet found on a bus.

Sally-Anne Poole, head of enforcement and investigations at the ICO, said: ‘The Data Protection Act clearly states that organisations must take appropriate measures to ensure that personal data is kept secure.

‘These five organisations recognise the seriousness of these data losses and have agreed to take immediate remedial action,' she said.

Rate this article 

Click to rate

  • 1 star out of 5
  • 2 stars out of 5
  • 3 stars out of 5
  • 4 stars out of 5
  • 5 stars out of 5

0 out of 5 stars

Have your say