London NHS Trust Fined Over Breach

Patient Information Repeatedly Faxed to Wrong Recipient
London NHS Trust Fined Over Breach

The UK Information Commissioner's Office has fined Central London Community Healthcare NHS Trust £90,000 for a breach involving patient lists repeatedly faxed to the wrong recipient.

See Also: The Application Security Team's Framework For Upgrading Legacy Applications

The ICO said in a release that the breach, a violation of the Data Protection Act, occurred in March of last year. Pembridge Palliative Care Unit, part of the Central London Community Healthcare NHS Trust, faxed patient lists intended for St. John's Hospice to the wrong recipient over a three-month period.

In total, 45 faxes were sent to the wrong destination. The individual receiving the faxes notified the Central London NHS Trust and said the faxes had been shredded, according to the release.

The patient lists included personal information on 59 individuals, including medical diagnoses and information relating to their "domestic situations and resuscitation instructions," the release said.

"Central London Community Healthcare NHS Trust failed to keep their patients' sensitive information secure," says Stephen Eckersley, head of enforcement at the ICO. "The fact that this information was sent to the wrong recipient for three months without anyone noticing makes this case all the more worrying."

The ICO's investigation determined the trust did not have sufficient checks in place to ensure that sensitive information sent by fax was delivered to the correct recipient, the release states. The trust also failed to provide sufficient data protection guidance and training to the staff member who was involved.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.