Health Boards’ serious data breaches a reminder to us all

Side of RRV with lozenge

Grampian Health Board has been ordered by the Information Commissioners Office (ICO) to take action to ensure its patients information is better protected, following six data breaches within a thirteenth month period. 

Breaches included patients’ data left in public places and a breach of the Data Protection Act after sensitive information was sent to the wrong address. 

This is a stark reminder of the importance of keeping information secure, and we all have a part to play. 

Trust Secretary Laila Abraham said: “It is important that all our staff take information confidentiality seriously. As well as distress caused to the subjects of a data breach the consequences for the Trust could be significant. The Information Commissioner can impose financial penalties of up to £500,000 for serious losses. 

“Many staff handle confidential and sensitive information every day. Patients trust us to keep their information secure, and under the Data Protection Act we have a legal duty to ensure that their information is protected. 

“Although we have procedures in place to safeguard information, we are reliant on each individual to follow best practice when handling confidential data in their day-to-day jobs. We have an information governance team that can provide guidance to staff, so if anyone has any concerns or would like some advice, please do get in touch.”

There are also information governance pages on East24 and a downloadable information security leaflet for staff reference. 

Remember, actual or suspected data losses should be reported to a manager immediately and logged on the DATIX system. There are specific incident codes in Datix which cover information losses: breach of confidentiality; loss of information (patient records); loss of information/data (all other records); and lost/misplaced laptops and memory sticks. 

Published 2nd December 2014 


Leave a Comment
Name (required)
Email Address (required, never displayed)
Enter a message

(all comments are moderated - your submission will be posted on approval.)