A flash drive containing patients’ personal details has gone missing at Queen Mary Hospital, nine months after it was stored in a ward. A clerk at the hospital’s department of pediatrics discovered the loss on Monday, and informed management the following day. The device is not encrypted or password-protected. It contains a data file with…
Category: Health Data
Too-expansive access control lands NHS Birmingham East and North in breach of the Data Protection Act
NHS Birmingham East and North (BEN) breached the Data Protection Act by failing to restrict access to files on their IT network, the Information Commissioner’s Office (ICO) announced today. The breach, which was discovered by BEN on September 8, led to some NHS staff at their own Trust and two other NHS Trusts nearby potentially…
Rhode Island board disciplines doctor after Facebook description of case results in patient being recognized
Thomas J. Morgan reports: A physician who posted information on Facebook that allowed the identification of a patient, and another who has problems with alcohol and marijuana, are among six doctors who have been disciplined by the Rhode Island Board of Medical Licensure and Discipline. The board found Alexandra Thran, of Westerly Hospital, guilty of…
Saskatchewan privacy commissioner takes action after more medical records found in dumpsters
Taylor Shire reports: REGINA — Four more cases of medical files being found in dumpsters has prompted the Saskatchewan Information and Privacy Commissioner, Gary Dickson, to take action. Records were found in a Saskatoon dumpster on April 6 and materials were found outside a dumpster in northwest Regina two days later. Two other situations of…
University College London Hospital patient data found on unencrypted drive
The University College London Hospitals NHS Foundation Trust (UCLH) has signed an undertaking with the Information Commissioner’s Office after an unencrypted flash drive with patients’ sensitive personal information was discovered in a training room. Robert Naylor, Chief Executive of University College London Hospitals NHS Foundation Trust (UCLH) indicated that the ICO was notified by Brighton and Sussex…
UK: Borough of Poole agrees to strengthen data protection following a series of misdirected faxes
The Borough of Poole has signed an undertaking with the Information Commissioner’s Office as a result of faxing errors. According to the undertaking, signed by John McBride, Chief Executive of the Borough of Poole, faxes containing personal data had been sent to the same incorrect fax number on three separate occasions in 2010. On the first…