Aneurin Bevan Health Board fined £70,000 over data breach
Published: 30th Apr 2012 12:03:12
A Welsh health board has become the first NHS body to be fined for breaching the Data Protection Act after it released sensitive data about a patient to the wrong person.
Aneurin Bevan Health Board (ABHB) will have to pay a £70,000 penalty.
A doctor mis-spelt a name and did not give enough detail about a patient to his secretary, meaning a report was sent to someone with a similar name.
The board has introduced new data protection measures after the breach.
The Information Commissioner's Office (ICO) said the report contained explicit details relating to the patient's health and represented a serious breach of the Data Protection Act.
The error occurred when the patient's consultant emailed a letter to a secretary but did not provide enough information for the secretary to be able to identify the correct person.
The mistake was compounded by the doctor misspelling the patient's name at one point, which resulted in the report being sent to a former patient with a very similar name in March last year.
Organisations across the health service must stand up and take notice of this decision”
An investigation by the ICO found neither member of staff had received training in data protection and there were inadequate checks in place within the board to ensure personal information was only sent to the correct recipient.
These poor practices were also used by other clinical and secretarial staff across the organisation.
Stephen Eckersley, the ICO's head of enforcement said: "The health service holds some of the most sensitive information available.
"The damage and distress caused by the loss of a patient's medical record is obvious, therefore it is vital that organisations across this sector make sure their data protection practices are adequate.
"Aneurin Bevan Health Board failed to have suitable checks in place to keep the sensitive information they handled secure. This case could have been extremely distressing to the individual and their family and may have been prevented if the information had been checked prior to it being sent."
"We are pleased that the health board has now committed to taking action to address the problems highlighted by our investigation; however organisations across the health service must stand up and take notice of this decision if they want to avoid future enforcement action from the ICO."
ABHB is introducing some measures following the incident including ensuring all staff are trained on the storage and use of data policies, regular monitoring of compliance with data protection and IT policies and new checking processes to confirm a patient's identity before personal information is sent out.
The board has signed an undertaking to address the ICO's concerns.
A spokesman for ABHB said: "We accept the decision by the Information Commissioner's Office and have acted promptly on the points raised in their report.
We have reminded all staff involved in the communication of patient information of the importance of double checking unique individual details foe example NHS number, date of birth etc.
"We have also apologised to both parties involved in this breach of confidentiality and are working directly with the patients affected. We wish to reassure all patients that we are committed to the protection of all clinical information."
At 05:28:48 in EnglandThe Conservatives have said they will not subsidise new onshore wind farms if they win the 2015 general election.
At 04:37:25 in EnglandA man impaled in the neck by an industrial drill in a "freak accident" has been taken to hospital.
At 04:26:59 in HealthThe number of older people in England needing care will "outstrip" the number of family members able to provide it by 2017, a think tank has warned.
At 04:21:05 in HeadlinesUS President Barack Obama is meeting Japanese Prime Minister Shinzo Abe for talks on regional security and trade, on the first full day of his Asia tour.
At 04:02:52 in HeadlinesThe UN Secretary General has accused all parties in Syria's civil war of "flagrant violations" of international law over the delivery of aid.
At 04:00:21 in HeadlinesCanada says it will phase out the type of rail tankers involved in a deadly train derailment last July.
At 03:49:53 in HeadlinesThe oldest former player with Major League Baseball, Conrado "Connie" Marrero, has died in at home in Havana at the age of 102.
At 03:28:13 in WorldIndians are voting in the sixth phase of a marathon general election in which the governing Congress party is fighting the main opposition BJP.
At 03:13:22 in ScotlandThe last avalanche forecast of the latest Sportscotland Avalanche Information Service (SAIS) season has been published.
At 03:06:05 in ScotlandWhen Nicola Sturgeon joined the SNP, pursuing a career in politics was not her agenda.
Harvard CitationBBC News, 2012. Aneurin Bevan Health Board fined £70,000 over data breach [Online] (Updated 30th Apr 2012)
Available at: http://www.ukwirednews.com/news/1425488/Aneurin-Bevan-Health-Board-fined-70-000-over-data-breach [Accessed 24th Apr 2014]
News In Other Categories
The Irish education minister has proposed a radical shake-up of the further education sector.
Cult comic character Frank Sidebottom has inspired a film starring Michael Fassbender, while a documentary and biography are also in the works. Four years after his creator Chris Sievey died, why is Frank's legend growing and who was the man behind the mask?
The last avalanche forecast of the latest Sportscotland Avalanche Information Service (SAIS) season has been published.
Shares in Qualcomm, one of the world's biggest chipmakers, fell 5% in after hours trading as it issued a weaker than expected growth outlook.
The number of older people in England needing care will "outstrip" the number of family members able to provide it by 2017, a think tank has warned.
The Conservatives have said they will not subsidise new onshore wind farms if they win the 2015 general election.