N Irish nursing home fined £15k over data breach

A Northern Irish nursing home has been fined by the Information Commissioner’s Office for failing to protect the sensitive data of its employees and residents.

Whitehead Private Nursing Home in County Antrim was penalised for £15,000 on 15 August for widespread systemic failings in data protection, following a data breach on 21 August 2014.

The penalty notice said the breach occurred when a member of nursing home staff took an unencrypted laptop home, which was then stolen overnight. The laptop contained details about 29 residents including their date of birth, mental and physical health and ‘do not resuscitate’ status.

It also included personal information relating to 46 staff, including details of disciplinary matters and reasons for sick leave.

Ken Macdonald, head of ICO Regions, said: “Whitehead Nursing Home had totally inadequate provisions for IT security and procedure and poor data protection training”.

“Today’s fine shows we can and will act against any organisation we feel is not taking seriously its duty to look after the personal details it has been entrusted with.”

The ICO said the fine is reflective of the size of the nursing home business.

If the penalty is paid by 14 September it will be reduced to £12,000 providing no appeal is lodged.

The nursing home can care for up to 39 clients and is part of the Wilson Group, a Belfast based company that owns five nursing homes.

Read more:
* 56 Dean Street fined £180,000 by ICO
* ICO fines HIV treatment centre £250
* Pharmacy fined for selling patient data