The Information Commissioner’s Office (ICO) can now subject the NHS to compulsory data protection audits in a move aimed at cutting the number of data loss incidents in the health service.
The new powers will give the ICO the right to investigate England’s NHS foundation trusts, GP surgeries, NHS Trusts and Community Healthcare Councils, and their equivalent bodies in Scotland, Wales and Northern Ireland.
So far the ICO has issued fines totalling £1.3m to NHS organisations for data lapses that have seen numerous personal details lost, often due to basic, almost comical, errors.
These have included a £200,000 fine for NHS Surrey after 3,000 patient records were found on a computer sold at auction, a £55,000 fine for a fax blunder at an NHS Trust in Staffordshire and a £70,000 fine for a Welsh NHS Trust after a doctor emailed data on a patient to someone with a similar surname.
The ICO said its audits would focus on issues such as the security of patient data, records management, staff training and data sharing.
Christopher Graham, the information commissioner, said the NHS’s track record of keeping data secure was a cause for concern.
“Time and time again we see data breaches caused by poor procedures and insufficient training. It simply isn’t good enough,” he said.
“We fine these organisations when they get it wrong, but this new power to force our way into the worst performing parts of the health sector will give us a chance to act before a breach happens. It’s a reassuring step for patients.”
V3 contacted the Department of Health for comment on the new powers for the ICO but had received no reply at the time of publication.
The new powers come amid another embarrassing government data loss scandal, after it emerged last week that the Ministry of Justice has lost two CDs containing highly sensitive data on three police inquiries.
Open source solutions provider makes acquisition in bid to shore up cloud development tools business
Aims to "end data bottlenecks"
Looking to boost your career in IT? Here are the best-earning roles out there!
The BlackBerry KeyOne is a strange device that brings the best of BlackBerry and Android together in a Qwerty-equipped package, but it won't be for everyone