Recent data security challenges in the health and social care sector — what is your response?
By David Hall
The latest exercise of its powers by the Information Commissioner’s Officer (ICO), which is the regulator under the Data Protection Act 1998, brings the issue of data security home to roost in the health and social care sector.
In the most recent reported incident of data security in the sector, which happened in August 2013, files managed by a Welsh home care provider (Neath Care) relating to 10 vulnerable and elderly people were found on a street in Neath Port Talbot. The papers included personal care plans and sensitive information about the service users’ health. Unfortunately, on this occasion, the care-home provider did not detect the error and the papers were found, and the incident reported, by a member of the public. It is even more concerning, however, that before the files were dropped in the street, it appears they had been outside the care provider’s premises (in a staff member’s possession but undetected by the care provider) for 10 weeks.
Unsurprisingly, the ICO intervened in this case and heavily criticised Neath Care for the breach of the service users’ data security. The approach taken by the ICO shows, however, that when intervening the ICO does not only look at the breach itself but takes into account the quality of your monitoring and training/awareness as well as the organisations’ policies, processes and technical facilities for managing data security…
Click on the link below to read the rest of the Anthony Collins briefing.
News from Anthony Collins
Briefings from Anthony Collins
And so it begins — first parts of the Anti-Social Behaviour, Crime and Policing Act 2014 coming into force on 13 May 2014
Provisions of the Anti-Social Behaviour, Crime and Policing Act 2014 are being brought into force in stages by way of ‘Commencement Orders’.
Poor care, unanswered requests for help, enforced incontinence and basic neglect are unfortunately all too common in the care of elderly people.