From the Information Commissioner’s Office:
An undertaking to comply with the seventh data protection principle has been signed by Worcestershire Health and Care NHS Trust. This follows an investigation whereby the local press were handed a patient handover sheet containing details of 18 patients.
The sensitive personal data was found on a table in a waiting room at Evesham Railway Station.
According to details in the undertaking, the incident occurred in August, 2013, when a patient handover sheet from the Palliative Care Unit at Evesham Community Hospital was found on a table in the waiting room at Evesham Railway Station and turned over to the local press.
The list contained details related to 18 patients, concerning their medical conditions and treatment notes. The patient handover sheet had been dropped at the Railway Station by a temporary agency nurse working a night shift.
Of particular concern, it appears that employees routinely took these patient handover sheets with them at the end of their shift because there was no way to securely shred or dispose of the records on the ward. Additionally, temporary personnel may not have received adequate data protection training.
Read the Worcestershire Health and Care NHS Trust undertaking.