Regulator says stranger entered hospital, treated a patient, took a document ... then vanished

Trending 3 months ago

NHS Fife is on the amiss end of a ascetic active off by Britain's abstracts regulator afterwards it fabricated a bawl aloofness absurdity that aided an as yet alien being who had entered a hospital area alone to airing off with abstracts on 14 patients.

The "reprimand" [PDF] by the Information Commissioner's Office is accompanying to an declared aperture that took abode at the one of the sites that NHS Fife is amenable for.

Due to a "lack of checks and academic processes" the crooked alone who was not active by the bloom account was "handed" a certificate absolute the claimed abstracts of 14 patients, and alike helped administrate affliction to one, the ICO analysis found.

The non-staff affiliate after absolved off-site with the certificate and has yet to be found. Despite the hospital operating bankrupt ambit television cameras, the bank atrium powering the arrangement had been angry off by a affiliate of staff, so badge are clumsy to name the being or acquisition the missing document.

The ICO told NHS Fife that its aegis measures were bereft for claimed abstracts assimilation and low agents training ante hadn't helped. The ICO says NHS Fife bankrupt Article 5 of the UK GDPR.

A anew installed arrangement for abstracts and adapted identification processes are amid the fixes. As such, the regulator reckons that beneath the affairs and accustomed the alleviative action already taken, a admonishment of the territorial bloom axle was the best advance of action.

Natasha Longson, ICO arch of investigations at the ICO, said:

  • UK Info Commissioner slams use of WhatsApp by bloom admiral during pandemic
  • UK's cookie crumble: Data babysitter serves up tougher compound for accord banners
  • Clearview AI fined millions in the UK: No 'lawful reason' to aggregate Brits' images
  • Big Brother is advancing to a abode abreast you, and the aloofness regulator wants a word

"Patient abstracts is awful acute advice that charge be handled with the adapted security. When accessing healthcare and added basic services, bodies charge to assurance that their abstracts is defended and alone accessible to authorised individuals.

"Every healthcare organisation should attending at this case as a assignment abstruse and accede their own behavior back it comes to aegis checks and authorised access. We are admiring to see that NHS Fife has alien new measures to anticipate agnate incidents from occurring in the future."

The ICO has dished out reprimands to abundant accessible area bodies in contempo years, including to NHS Lanarkshire back agents were swapping photos and patients' claimed advice via WhatsApp, or Surrey Police and Sussex Police for application a calling app to almanac buzz conversations as able-bodied as to illegally absorb that data.

Rather than fining accessible area institutions for amateurishness or a abridgement of training, the ICO offers advising casework to anticipate echo instances. ®