NHS Scotland Staff Violate Data Protection Laws 634 Times

Nov 17, 2014

NHS workers in Scotland have continually violated data protection controls over the past three years with over 500 instances of abuse of the system recorded in that timeframe including an image of a patient posted onto Facebook.

An investigation by Big Brother Watch found that there have been 634 data protection breaches in the last three years including everything from covert filming of staff, loss of patient case files and photographing of case files to the misuse of social media.

“It is clearly unacceptable that health staff in Scotland have thought that they could post such ­confidential details on social media and disclose them to third parties,” said Emma Carr, director of Big Brother Watch, according to Herald Scotland. “Urgent action is [therefore] needed to ensure that medical records are kept safe and the worst data breaches are taken seriously, including the introduction of greater penalties for those who abuse that access. This should include the threat of jail time and a criminal record.”

Of the data protection violations identified in the report, 12 resulted in an employee’s resignation including the instance that saw a photograph of a patient uploaded onto a Facebook account.

Tony Pepper, CEO at encryption solution provider Egress, explained that people are still failing to heed the advice that sharing information on social media sites is just as damaging as any other medium.

“For some reason, while it seems obvious that you should not share sensitive information on social media, people ignore the fact it is just as bad to be sharing sensitive information unprotected in any form. Whether it’s through an online web form, a cloud-based collaboration platform, a large file sharing drive, or a common or garden email, sensitive data – particularly personal information relating to people’s health – needs to be encrypted and protected,” Pepper said.

With the NHS in the process of implementing a plan to allow unfettered online access to patient records from next year, data protection violations like this don’t make easy reading for those behind the plan.

Image Credit: Flickr (Ted Eytan)




Author: Jamie Hinks
View the original article here.
Published under license from ITProPortal.com
big brother watch / data breach / data protection / data protection act / health / Healthcare / ITProPortal / NHS / Partners / public sector / Scotland

Comment

 

Understanding the risks and rewards of public sector cloud 

Download the Whitepaper now

Partner

24Newswire
Sign up to receive latest news

Twitter Feed

Why does pubsec ICT PR firm @MantisPR want to be at the upcoming #eventcentreUK THINK Digital Vendors 2016 event? https://t.co/3tE5o7aMmO
@24nbiz
Apr 01, 2016
@thinkdigicon supporter @Adv365 sets out its stall for tomorrow's landmark #gcloud event https://t.co/FQraJP2yyg
@24nbiz
Mar 21, 2016
@thinkdigicon supporter @Adv365 explains why it's supporting tomorrow's show https://t.co/2Wj3UECo9s
@24nbiz
Mar 21, 2016
@24n.biz: what's the final agenda for tomorrow's @thinkdigicon #gcloud @GOVUKdigimkt show? https://t.co/6CASi8lrnU
@24nbiz
Mar 21, 2016