The Belfast Health Trust has been fined £225,000 after thousands of patient records were found abandoned in a disused hospital. The Information Commission imposed the fine because the trust failed to secure confidential files at Belvoir Park Hospital, which closed in 2006.
The breach of data protection came after last year’s discovery of the records after thieves broke into a disused hospital, stealing sensitive personal data of thousands of patients, staff records including unopened pay-slips and posting some of these online including X-rays and scans, in an attempt to sell the material.
Belvoir Park Hospital in south Belfast was closed to patients in 2006 when a new cancer hospital was built at Belfast City Hospital. Belfast Health Trust took over responsibility for a new building in 2007 at Belfast City Hospital as part of a major trust reorganisation.
However, management failed to properly secure the building and the thousands of records inside it leading to the very serious incident – an incident that could have been easily avoided if the Trust took the correct procedures to protect patients personal data.
The Belfast Health Trust has accepted that it is “unfortunate” that the fine will be paid out of its efficiency savings – money which could have funded jobs, equipment or subsidised car parking fees.
This is the second fine issued by the Information Commissioner’s Office (ICO) this month. Following our news report on 1/06/12 of Brighton and Sussex University Hospitals NHS Trust having been served with a Civil Monetary Penalty (CMP) of £325,000 following a serious breach of the Data Protection in patients records.
To visit more on this story click the follwoing link: http://www.bbc.co.uk/news/uk-northern-ireland-18497161
