Staff info published in data breach

  • 28 May 2014
Staff info published in data breach

South Central Ambulance Service NHS Foundation Trust “accidentally” published its staff members' personal information on its website in a data breach.

The trust was alerted to the data breach on April 24 by the Information Commissioner’s Office, after the personal data of nearly 3000 current and former staff members was mistakenly included in a report on the trust’s website.

A trust spokesperson told EHI it took immediate action to remove the data once it became aware of the breach.

The nationality, religious beliefs and sexual orientation of employees was among the information published in the breach.

The information also included employees’ nationality, marital status, age, gender, ethnic origin, disability, religious belief and sexual orientation.

The trust’s chief executive, Will Hancock, has apologised to the affected staff, explaining the extent of the data breach and “offering appropriate support”.

The trust is speaking to the Information Commissioner’s Office about the incident, and has also appointed an external information governance auditor to investigate what led to the breach.

“We have undertaken a thorough review of all our published information on the website (over 2000 documents) and we can confirm that this was the only document affected,” the spokesperson said.

The trust emphasised that the information released was not patient- or clinically-related.

“We take our information governance responsibilities very seriously and we have been cooperating fully with the Information Commissioners Office throughout this investigation.

We have already drafted an action plan to mitigate the risk of this happening again in the future,” the spokesperson said.

The data breach affected 2,826 staff, with the personal information in the report including employees’ names, location of work, job roles and various details of the role.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Kootenai Health cyber attack impacts 464,000 patients

Kootenai Health cyber attack impacts 464,000 patients

US healthcare provider Kootenai Health has revealed that data belonging to 464,000 patients has been compromised following a cyber attack.
Advanced fined £6m over stolen patient data in 2022 cyber attack

Advanced fined £6m over stolen patient data in 2022 cyber attack

The Information Commissioner’s Office has imposed a £6.09m fine on Advanced for failing to protect personal information during a cyber attack.
ICO guidance on transparency published for health and care sector

ICO guidance on transparency published for health and care sector

New guidance has been issued by ICO over how health and care organisations should be transparent over the use of personal information.