St Albans cases highlighted by probe into data breaches by police and health trust
PUBLISHED: 18:47 01 November 2014
An investigation has been launched into recent embarrassing data breaches following confessions by the police and the health chiefs who run St Albans hospital.
Confidential data from anti-social behaviour cases appeared on the Herts Police ‘local priorities’ pages on the Home Office website (police.uk), following a technical computer error by an external service provider.
This breach resulted in 61 cases - including two from St Albans - where individuals’ names and addresses appeared on the website for five days.
Superintendent Andrew McCracken, head of crime reduction, said the police “very much regret” the data breach, which was discovered by an officer on October 9.
He added: “Fortunately the pages were accessed by very few people and we are confident that any risk to people whose information appeared on the site has been minimised.
“In our role as data controller we have referred the case ourselves to the Information Commissioner’s Office.
“The public can be confident that the details held on the system are now secure and confidential.”
Herts Police and Crime Commissioner David Lloyd described the force’s breach as a “very serious matter”.
Meanwhile Samantha Jones, chief executive of West Herts Hospitals NHS Trust said staff had been informed of three information breaches.
She said: “On two separate occasions, two members of staff sent staff data to their personal email address so they could work on it while out of the office.”
Ms Jones said that as this was contrary to trust policy, those employees would be subject to disciplinary procedures.
In addition, staff data was accidentally sent to a staff member at another NHS trust.
None of the three breaches involved patient data.
However the type of data sent included information such as the name, date of birth, national insurance number, address, salary, professional registration and, if supplied by the staff member, their sexuality and religion.
Ms Jones said that immediate steps had been taken to prevent any further breaches, and an internal investigation has also been launched.
She added: “I have apologised on behalf of the trust board to our staff.”
But the breaches have been criticised by St Albans MP Anne Main who said: “This raises a lot of questions. People need to know their data is safe, and this isn’t good enough.”