Former Nurse Prosecuted for Patient Personal Data Breaches
Public authorities hold vast amounts of personal data and safeguards are in place to ensure that such information is kept safe. In one case, the Office of the Information Commissioner (ICO) mounted a successful prosecution against a former nurse who accessed the sensitive medical records of over 3,000 patients.
The woman had also obtained unauthorised access to staff records across an NHS region and was dismissed when the truth emerged. It was one of the most serious incidents of its kind ever to affect the NHS in that region and, following an internal inquiry, patients were contacted and reassured that no records had been changed and that medical care had not been affected.
The woman had accessed the electronic records without the permission of the data controller and, after the matter was referred to the ICO, she pleaded guilty to breaches of the Data Protection Act 1998. She was fined £650, and ordered to pay costs of £664 and a victim surcharge of £65.