Press Releases - Information Commissioner's Office (ICO)

• Press Releases - Information Commissioner's Office (ICO)

  tags: privacy

  • 30 Apr 09 - ICO issues stark reminder to NHS bodies on patient records
    The Information Commissioner’s Office (ICO) is reminding NHS bodies of the importance of data security having found four more NHS organisations in breach of the Data Protection Act. Cambridge University Hospital NHS Foundation Trust, Central Lancashire Primary Care Trust, North West London Hospitals NHS Trust and Hull & East Yorkshire Hospitals NHS Trust have all signed formal Undertakings outlining that they will process personal information in line with the Data Protection Act.

NHS and e-health information under the spotlight. Mick Gorrill, Assistant Information Commissioner at the ICO, said: “These four cases serve as a stark reminder to all NHS organisations that sensitive patient information is not always being handled with adequate security. It is a matter of significant concern to us that in the last six months it has been necessary to take regulatory action against 14 NHS organisations for data breaches. In these latest cases staff members have accessed patient records without authorisation and on occasions, have failed to adhere to policies to protect such information in transit. There is little
point in encrypting a portable media device and then attaching the password to it.