The Cardiff & Vale University Health Board have signed an undertaking with the Information Commissioner’s Office (ICO) following the loss of documents containing sensitive personal data by a consultant. The ICO was informed of the loss of the consulting psychiatrist’s bag on November 26, 2012.
The bag, which was attached to a child seat on the consultant’s bicycle, contained sensitive documents that included a mental health tribunal’s report on a patient, a solicitor’s letter, five CVs for consultant job applications, and the consultant’s mobile phone. The bag was lost while the consultant was cycling home from the health board’s offices.
At the time of the incident, the consultant had not yet completed data protection training. Further investigation by the ICO determined that the health board did not have an adequate plan in place to deal with the removal of sensitive information from their location.
You can read the undertaking and the remedial plan here (pdf).
Hope they can figure out what to do! I feel bad for the consultant psychiatrist