NHS Surrey has been fined £200,000 by the ICO for losing the information of more than 3,000 patients and unknowingly ‘selling’ it online.
Thousands of patient records were found on a second-hand NHS computer that was auctioned on eBay. The NHS branch was fined for handing over sensitive information to a data destruction company that failed to properly dispose of the records.
“The facts of this breach are truly shocking,” ICO head of enforcement Stephen Eckersley said in a statement.
“NHS Surrey chose to leave an approved provider and handed over thousands of patients’ details to a company without checking that the information had been securely deleted.
“The result was that patients’ information was effectively being sold online.”
This raises the question: how much do you trust the suppliers you work with? Are they cyber secure? Do they uphold their levels of security?
In their newly published title ‘The True Cost of Information Security Breaches and Cyber Crime’, Michael Krausz and John Walker discuss the importance of information security and how damaging a breach could be to your organisation. This balanced pocket guide helps managers and business decision makers to form better assessments of their organisation’s information and cyber security needs.