NHS trust fined £175,000 over data leak

Summary:The UK's privacy watchdog has told Torbay Care Trust in Devon to pay £175,000 after it exposed personal information of more than 1,000 employees by putting their data on a website

An NHS trust in Devon has been fined £175,000 after publishing the sensitive personal details of more than a thousand employees on its website.

Torbay Care Trust was handed the monetary penalty by the Information Commissioner's Office (ICO) after leaking the equality and diversity responses of 1,373 staff in April 2011, the ICO said on Monday. Details including names, sexuality, religion, National Insurance numbers and dates of birth were available online as part of an Excel spreadsheet for 19 weeks.

"The fact that this breach was caused by Torbay Care Trust publishing sensitive information about their staff is extremely troubling and was entirely avoidable," said ICO head of enforcement Stephen Eckersley.

"Not only were they giving sensitive information out about their employees but they were also leaving them exposed to the threat of identity fraud," he added.

The UK privacy watchdog can impose fines of up to £500,000 on organisations that breach the Data Protection Act, a power it has had for more than two years. It has served 23 monetary penalties since November 2010, including six levied on NHS bodies.

The Torbay Care Trust website was visited around 21,000 times over the course of the 19 weeks, according to the ICO monetary penalty notice. The website containing the spreadsheet was visited 300 times, although the Trust could not say how many people had looked at the spreadsheet itself.

The vast majority of fines have been to public-sector institutions — only three have been issued to private-sector organisations, and one of those, A4E , was a contractor to the public-sector Legal Services Commission.

Topics: Security, Privacy

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.