Brighton and Sussex to appeal data fine

  • 6 June 2012
Brighton and Sussex to appeal data fine
The Information Commissioner’s Office will not take regulatory action over NHS Digital/

Brighton and Sussex University Hospitals NHS Trust has said it “simply cannot afford to pay” a £325,000 fine handed down by the Information Commissioner’s Office and is appealing to the Information Tribunal.

The ICO announced last Friday that the trust had been issued a record-high fine of £325,000 for breaching the Data Protection Act.

The breach occurred after a contractor that the trust paid to destroy hundreds of hard drives, containing sensitive patient information, instead sold them on eBay.

ICO deputy commissioner and director of data protection David Smith said the trust “failed significantly in its duty to its patients” and the fine should set an example for all organisations.

However, Brighton and Sussex University Hospitals chief executive Duncan Selbie said the trust disputed the ICO’s findings, especially the charge that the trust was reckless, which is a requirement for any fine.

He added that in times of austerity, the trust hasa pressing duty to deliver the best and safest care to its patients with the money available.

“We simply cannot afford to pay a £325,000 fine and are therefore appealing to the Information Tribunal.”

Selbie said the Information Commissioner’s Office had ignored the trust’s extensive representations.

“It is a matter of frank surprise that we still do not know why they have imposed such an extraordinary fine,” he said in a statement.

“[We have made] repeated attempts to find out, including a freedom of information request, which they interestingly refused on the basis that it would ‘prejudice the monetary penalty process’.”

Selbie said no sensitive data had “entered the public domain” due to the hard drives theft.

“We arranged for an experienced NHS IT service provider to safely dispose of our redundant hard drives and acted swiftly to recover, without exception, those that their sub-contractor placed on eBay,” he said.

“We reported all of this voluntarily to the Information Commissioner’s Office, who told me last summer that this was not a case worthy of a fine.”

 

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

ICO guidance on transparency published for health and care sector

ICO guidance on transparency published for health and care sector

New guidance has been issued by ICO over how health and care organisations should be transparent over the use of personal information.
ICO reprimands NHS Lanarkshire for sharing patient data via WhatsApp

ICO reprimands NHS Lanarkshire for sharing patient data via WhatsApp

The Information Commissioner’s Office (ICO) has issued a reprimand to NHS Lanarkshire following the use of WhatsApp by staff to share patient data.
Transgender charity Mermaids fined £25k for data protection breach

Transgender charity Mermaids fined £25k for data protection breach

The transgender charity has been fined £25,000 by the Information Commissioner’s Office (ICO) for failing to keep the personal data of its users secure.