Feeds

Man gets £12,500 after girlfriend probes his medical data

Nurse ex-partner's data breach cost him a job

Boost IT visibility and business value

This is a rare event indeed: a data subject has taken successful action for compensation under section 13 of the Data Protection Act. Normally what happens if a data controller has caused damage is that there is an out-of-court settlement with a gagging (sorry "confidentiality") clause so no-one is the wiser.

The claimant brought an action following an unauthorised disclosure of his personal medical data from the Plymouth Hospital NHS Trust, in or about December 2007. The partner of the data subject had unlawfully accessed his medical records in the course of her employment as a nurse and thereby committed a breach of the Act. This and the handling of his resultant complaint caused a four-and-a-half year exacerbation of a pre-existing paranoid personality disorder and prevented him also from accepting an offer of employment.

Honour Judge Cotter QC, sitting at Plymouth County Court, assessed damages for personal injury under section 13 of the Data Protection Act 1998. He awarded £12,500 for exacerbation of the claimant’s pre-existing condition and £4,800 for loss of earnings on the premise that he had been offered six months' work. However, this was awarded in light of the medical evidence – viz, that he would have been unable, probably, to sustain employment for any length of time and would have been likely to have held a job down for only eight weeks.

A claim for aggravated damages failed. ®

This story originally appeared at HAWKTALK, the blog of Amberhawk Training Ltd.

Gartner critical capabilities for enterprise endpoint backup

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Scale data protection with your virtual environment
To scale at the rate of virtualization growth, data protection solutions need to adopt new capabilities and simplify current features.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?