DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

UK: NHS Tayside and NHS Lanarkshire found in breach of Data Protection Act

Posted on November 26, 2008October 24, 2024 by Dissent

A press release from the Information Commissioner’s Office:

The Information Commissioner’s Office (ICO) has found NHS Tayside and NHS Lanarkshire in breach of the Data Protection Act after investigating complaints concerning the disposal of patient information at Strathmartine Hospital in Dundee and Law Hospital in Carluke.

The ICO was alerted to both data breaches earlier this year when members of the public found confidential health records in buildings on the site of the former hospitals.

Ken Macdonald, Assistant Commissioner for Scotland at the ICO, said: “The Information Commissioner’s Office takes all breaches of data security seriously. Clearly health records can contain particularly sensitive information and must be held securely and disposed of appropriately when no longer required. It is also a serious concern that both NHS Tayside and NHS Lanarkshire were keeping information for longer than necessary. We have ordered both NHS bodies to comply with the Data Protection Act in future or risk further enforcement action by the ICO.”

The ICO has now required both organisations to sign formal undertakings to comply with the Principles of the Data Protection Act. They should also follow the recommendations recently made by NHS Quality Improvement Scotland to prevent similar incidents occurring in the future. Failure to meet the conditions of the undertakings is likely to lead to further enforcement action by the ICO and could result in prosecution.

Ken Macdonald will be speaking at tomorrow’s GC Scotland ’08 ‘Transformation in Practice’ conference, where he will speak about the importance of compliance with the Data Protection Act and the significance of data minimisation when sharing personal information.

A copy of the undertakings can be downloaded from
http://www.ico.gov.uk/what_we_cover/data_protection/enforcement.aspx

In the news: BBC: Health boards ‘broke data laws’

Related posts:

  • UK: Health records loss 'breached data protection rules
  • UK: Poor data security in the NHS
  • UK: ICO issues stark reminder to NHS bodies on patient records
  • NHS Management, LLC issues updated statement about cyberattack in 2021
Category: Health Data

Post navigation

← UK: NHS lost patient details 135 times in two years
Tracing a crime suspect through a relative →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Qantas customers involved in mammoth data breach
  • CMS Sending Letters to 103,000 Medicare beneficiaries whose info was involved in a Medicare.gov breach.
  • Esse Health provides update about April cyberattack and notifies 263,601 people
  • Terrible tales of opsec oversights: How cybercrooks get themselves caught
  • International Criminal Court hit with cyber attack during NATO summit
  • Pembroke Regional Hospital reported canceling appointments due to service delays from “an incident”
  • Iran-linked hackers threaten to release emails allegedly stolen from Trump associates
  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.