Croydon Health Services NHS Trust (Undertakings, Health) [2015] UKICO 2015-39 (23 December 2015)


BAILII is celebrating 24 years of free online access to the law! Would you consider making a contribution?

No donation is too small. If every visitor before 31 December gives just £1, it will have a significant impact on BAILII's ability to continue providing free access to the law.
Thank you very much for your support!



BAILII [Home] [Databases] [World Law] [Multidatabase Search] [Help] [Feedback]

Information Commissioner's Office


You are here: BAILII >> Databases >> Information Commissioner's Office >> Croydon Health Services NHS Trust (Undertakings, Health) [2015] UKICO 2015-39 (23 December 2015)
URL: http://www.bailii.org/uk/cases/UKICO/2016/2015-39.html

[New search] [Printable PDF version] [Help]


Croydon Health Services NHS Trust

Date
23 December 2015
Type
Undertakings
Sector
Health

An undertaking to comply with the seventh data protection principle has been signed by Croydon Health Services NHS Trust.

This follows an incident where correspondence giving the outcome of a patient complaint had been misaddressed resulting in sensitive personal data being sent to an unintended recipient.

On investigation the ICO discovered that, although the Trust had some organisational measures in place, the error had been made by a temporary bank staff employee who had not received all the appropriate training and guidance in relation to the role they were expected to fulfil; there was a lack of a formal checking procedure to ensure the accuracy of correspondence as to both address and content before dispatch; key recommendations from previous breach investigation reports in relation to similar incidents had not been implemented and were identified as being a major contributory factor in relation to this breach.