The NHS Breach The Data Protection Act: IT Governance Has The Cure

The NHS: It’s a service we all use, and we all rely on. And we expect it as a given, that when we visit the doctor, the hospital or other health sector organisations, that the sensitive information they possess about us is treated with care and confidentiality.

The NHS holds millions of sensitive personal information records for almost every individual in the country. And, as with any organisation that stores personal data, the NHS must comply with DPA regulation.

Last week however, the Information Commissioner stated that the health service must do more to keep patients’ personal information safe. His comments come after another five health organisations were found to be in breach of the DPA.

In a damning statement The Commissioner stated:

“Millions of records are constantly being accessed and we appreciate that there will be occasions where human error occurs. But recent incidents such as the loss of laptops at NHS North Central London – which we are currently investigating – suggest that the security of data remains a systemic problem.

“The policies and procedures may already be in place but the fact is that they are not being followed on the ground. Health workers wouldn’t dream of discussing patient information openly with friends and yet they continue to put information on unencrypted memory sticks or fax it to the wrong number. The sector needs to bring about a culture change so that staff give more consideration to how they store and disclose data. Complying with the law needn’t be a day-to-day burden if effective measures are built in and then become second nature.”

IT Governance has the cure.

Data Protection Starts With You

When we think of data protection, our minds spring to cyber attacks, hacking and vulnerabilities within IT systems. We must remember though, that the crucial component of data protection is actually the individual. They are the ones who use, manage and transfer data. Data protection should always begin with the individual.

Download our free technical briefing paper on how to protect content stored on laptops, USB memory sticks and other mobile devices.

It’s Easy, With E-Learning

IT Governance has drawn on its years of Data Protection Act awareness training to produce the world’s most useful and complete online e-learning Data Protection Awareness Course.

This course is for all employees in your organisation that are involved in processing personal information in their daily job. Train your staff today and avoid any “low-level” slips in your organisation’s IT security.



ITG e-Learning Course – DPA Staff Awareness
– The Course Covers:

DPA 1-Day Foundation Course
  • What the Data Protection Act (DPA) is
  • The 8 principles of the DPA
  • DPA Definitions
  • An individual’s 6 data protection rights
  • What you can do to protect personal information

Download the ITG e-Learning Course today!

It doesn’t matter whether you are a bank, a retailer, a service provider or the NHS. If you store personal data you need to ensure your organisation is DPA compliant and your staff DPA aware. Failure to do so can incur huge fines, brand damage and loss of business.

Take action and book your staff on our DPA Awareness e-Learning course today.