ICO hits London NHS Trust with £60,000 fine

Data loss fine

The Information Commissioner's Office (ICO) has fined St George's Healthcare NHS Trust 60,000 for sending a patient's medical details to the wrong person.

The Trust sent out two letters in May 2011 to the patient's former address, despite having the person's up to date contact details already on file.

The patient's correct address had been logged on the national care records service, NHS Spine, in June 2006.

Stephen Eckersley, the ICO's head of enforcement, said the breach was "clearly preventable".

"This is the fourth monetary penalty we have issued to the NHS in the past two months," he said.

"It is vital that these organisations make sure they have the necessary measures in place to keep patients' details secure."

In a statement to IT Pro, a Trust spokesperson said the breach had been reported to the ICO as soon as it was discovered.

"We launched an immediate investigation and have introduced a number of measures to prevent similar incidents in the future, including clearer documentation and additional training for staff," said the statement.

"We have also made improvements to our information systems to ensure that staff always have access to the most up to date patient contact details."

Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.