Data breach results in £150k fine for nursing regulatory body in transit mishap
Nursing and Midwifery Council Fined £150,000 for Data Loss
In a significant turn of events, the Nursing and Midwifery Council (NMC) has been fined £150,000 by the Information Commissioner's Office (ICO) in 2011. The fine was imposed due to the loss of three DVDs containing highly sensitive data during transport.
The DVDs, which were received unencrypted from the police, contained video files related to alleged offenses by a nurse and identifiable details of two children. The data on the DVDs included witness interviews relating to a disciplinary hearing. Unfortunately, the DVDs have not been found.
The ICO fined the council due to the failure to prevent a data breach and the nature of the data causing substantial distress. At the time, the council's policy required encryption of data, but they failed to encrypt the DVDs before sending them. The ICO stated that the council had no policy requiring the encryption of such data.
The council regrets not encrypting the DVDs before sending them and has since corrected its practice regarding data encryption. They have strengthened their policies and procedures for the secure handling of witness evidence since the incident.
David Smith, deputy information commissioner, urged organisations to review their policies on how personal information is handled, ensuring they are robust, cover audio and video files containing personal information, and are followed in every case. He stressed the importance of data protection and the need for data security.
The council also expressed their disappointment with the ICO's decision to levy a fine. However, they recognise the importance of the matter and regret the incident. They have made it clear that they have learned from this experience and are committed to improving their data handling practices.
The council has taken steps to ensure that such an incident does not happen again. They have reviewed and updated their policies and procedures, and have implemented new measures to ensure the secure handling of sensitive data. They are determined to maintain the trust and confidence of the public and all those they serve.
Read also:
- Lu Shiow-yen's Challenging Position as Chair of the Chinese Nationalist Party (KMT) Under Scrutiny in Donovan's Analysis
- Approval Granted for Significant Infrastructure Initiatives in Maharashtra
- Who is Palestine Action, the organization tied to numerous arrests within the UK?
- "Trump Criticizes EU's $3.5 billion fine on Google as Unjust, Threatens Additional Tariffs"
