N Irish nursing home fined £15k over data breach

  • 25 August 2016
N Irish nursing home fined £15k over data breach
The Information Commissioner’s Office will not take regulatory action over NHS Digital/

A Northern Irish nursing home has been fined by the Information Commissioner’s Office for failing to protect the sensitive data of its employees and residents.

Whitehead Private Nursing Home in County Antrim was penalised for £15,000 on 15 August for widespread systemic failings in data protection, following a data breach on 21 August 2014.

The penalty notice said the breach occurred when a member of nursing home staff took an unencrypted laptop home, which was then stolen overnight. The laptop contained details about 29 residents including their date of birth, mental and physical health and ‘do not resuscitate’ status.

It also included personal information relating to 46 staff, including details of disciplinary matters and reasons for sick leave.

Ken Macdonald, head of ICO Regions, said: “Whitehead Nursing Home had totally inadequate provisions for IT security and procedure and poor data protection training”.

“Today’s fine shows we can and will act against any organisation we feel is not taking seriously its duty to look after the personal details it has been entrusted with.”

The ICO said the fine is reflective of the size of the nursing home business.

If the penalty is paid by 14 September it will be reduced to £12,000 providing no appeal is lodged.

The nursing home can care for up to 39 clients and is part of the Wilson Group, a Belfast based company that owns five nursing homes.

Read more:
* 56 Dean Street fined £180,000 by ICO
* ICO fines HIV treatment centre £250
* Pharmacy fined for selling patient data

 

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

How to equip NHS staff with cyber security skills they will use

How to equip NHS staff with cyber security skills they will use

Too often, cyber security training is a seen as a burden. But it is possible to make it relevant and useful, writes Nasser Arif.
Cheshire and Merseyside ICS selects cyber security platform

Cheshire and Merseyside ICS selects cyber security platform

Cheshire and Merseyside Integrated Care System has selected a healthcare cyber security platform from Cynerio to strengthen its defences.
Translation tech for patients trialled in Northern Ireland

Translation tech for patients trialled in Northern Ireland

Translation tech is improving communication between staff and non-English speaking patients in the Southern Trust area of Northern Ireland.