Warning over patient data security following breaches
By Nigel Praities
The Information Commissioner has issued a warning over the security of patient data after it uncovered several serious breaches by NHS organisations, including patient notes being left on a bus.
The commissioner's office said five NHS organisations were found to have lost sensitive patient information and has reminded all NHS organisations about their responsibilities under the Data Protection Act
The security breaches included the reported loss of the medical treatment details of 20,000 patients from the cardiology department of the Royal Free Hampstead NHS Trust.
Since this initial report, the Trust has admitted to the ICO that it cannot be precise about the information contained on the disk.
Epsom and St Helier University Hospital NHS Foundation Trust was storing hospital records insecurely for nearly two years after data was transferred between hospitals.
A spokesperson from the trust said: 'We recognise the seriousness of the incident and immediately after it was reported, the notes were moved to a secure location and a full investigation was launched.'
The Hampshire Partnership NHS Trust and Chelsea, Surrey and Sussex NHS Trust and Westminster Hospital Foundation Trust also reported breaches involving the loss of records from nearly 800 patients and staff, including a ward handover sheet found on a bus.
Sally-Anne Poole, head of enforcement and investigations at the ICO, said: ‘The Data Protection Act clearly states that organisations must take appropriate measures to ensure that personal data is kept secure.
‘These five organisations recognise the seriousness of these data losses and have agreed to take immediate remedial action,' she said.