Feeds

Man gets £12,500 after girlfriend probes his medical data

Nurse ex-partner's data breach cost him a job

Secure remote control for conventional and virtual desktops

This is a rare event indeed: a data subject has taken successful action for compensation under section 13 of the Data Protection Act. Normally what happens if a data controller has caused damage is that there is an out-of-court settlement with a gagging (sorry "confidentiality") clause so no-one is the wiser.

The claimant brought an action following an unauthorised disclosure of his personal medical data from the Plymouth Hospital NHS Trust, in or about December 2007. The partner of the data subject had unlawfully accessed his medical records in the course of her employment as a nurse and thereby committed a breach of the Act. This and the handling of his resultant complaint caused a four-and-a-half year exacerbation of a pre-existing paranoid personality disorder and prevented him also from accepting an offer of employment.

Honour Judge Cotter QC, sitting at Plymouth County Court, assessed damages for personal injury under section 13 of the Data Protection Act 1998. He awarded £12,500 for exacerbation of the claimant’s pre-existing condition and £4,800 for loss of earnings on the premise that he had been offered six months' work. However, this was awarded in light of the medical evidence – viz, that he would have been unable, probably, to sustain employment for any length of time and would have been likely to have held a job down for only eight weeks.

A claim for aggravated damages failed. ®

This story originally appeared at HAWKTALK, the blog of Amberhawk Training Ltd.

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
How to simplify SSL certificate management
Simple steps to take control of SSL certificates across the enterprise, and recommendations centralizing certificate management throughout their lifecycle.