Nurse Fined for Inappropriate Data Access
Published on: 24th September 2018
By PYXI GDPR Team
The ICO has reported that a former nurse has been fined £400 plus costs for inappropriate data access of 5 patients' records at Southport and Ormskirk Hospital NHS Trust.
The case confirmed that she had accessed the records outside of her role.
The ICO website quotes ICO Director of Investigations, Steve Eckersley, as saying:
”This abuse of a position of trust has caused significant distress to a number of people. The laws on data protection are there for a reason and people have the right to know their highly sensitive personal information will be treated with appropriate privacy and respect.
“The ICO will continue to take action against those who abuse their position and potentially jeopardise the important relationship of trust and confidentiality between patients and the NHS.”
This incident, prosecuted under the 1998 Data Protection Act, clearly shows the legal responsibility on everyone who as access to personal data to process that data in accordance with the law. Data protection is not simply and organisational issue, or a management issue, it is a key responsibility for EVERYONE.
PYXI GDPR Team: 24th Sep 2018 08:14:00
Subscribe to our
Weekly GDPR Newsletter.
It's full of really useful updates
for UK small businesses.
ICO Q2 Data Security Incident Trends
The ICO's figures for Q2 show that the most frequently reported data security incident relates to disclosure of data. The ICO's website has published information about Q2 2018-19's data security incidents by type and sector, and the single mo... click to read more