ICO Penalizes Brighton Hospital for Confidential Data Theft
It has been revealed in a new report that the Brighton and Sussex University Hospitals NHS Trust has been hugely penalized for the theft of the confidential information of thousands of patients.
The report has found that the violation of data was the result of asking a person to destroy the hospital’s nearly 1,000 hard drives. He was working for Sussex Health Informatics Service (HIS), IT service provider of the trust.
The drives containing private information of patients and staff had been stolen from Brighton General Hospital in September 2010. Also, the report has found the same drives were the sold on eBay in October and November 2010.
It is being said that the hard drives had everything ranging from patients' medical conditions and treatment to reports of children and disability living allowance forms. Also, info associated to HIV and Genito Urinary Medicine patients was also there.
Additionally, these drives also held staff details such as home addresses, IDs of hospital and wards and National Insurance numbers.
The hospital has been fined a sum of £325,000, the amount that has never been imposed, as per The Information Commissioner's Office (ICO). However, the hospital says that the same is not affordable and an appeal would be made.