Another NHS trust coughs up £90k fine for lax fax acts
Patients' privates sent to wrong address for months
The taxpayer-backed NHS has suffered another fine from the Information Commissioner's Office (ICO) for outing patients' private information to the wrong people.
The Central London Community Healthcare NHS Trust was slapped with a £90,000 ($142,000) penalty after the "serious breach of the Data Protection Act" that saw the trust send around 45 faxes over three months to the wrong place.
The trust had been faxing patient lists meant for St John's Hospice to the wrong person. The lists contained sensitive personal data on 59 different people, including their diagnoses and information about their domestic situations and resuscitation instructions.
That person eventually told Blighty's health service that they had been receiving the lists and had shredded them.
"Patients rely on the NHS to keep their details safe," ICO head of enforcement Stephen Eckersley said in a canned statement. "In this case Central London Community Healthcare NHS Trust failed to keep their patients sensitive information secure.
"The fact that this information was sent to the wrong recipient for three months without anyone noticing makes this case all the more worrying.”
The ICO said that the trust didn't have enough checks in place to make sure that sensitive faxes went to the right people and it wasn't training its staff adequately on data protection.
Last month, a Welsh health board was slapped with a £70,000 civil monetary penalty for emailing the detailed psychological record of a patient to the wrong person. ®
Sponsored: Global DDoS threat landscape report