GDPR – Reminder

GDPR – Reminder The General Data Protection Regulation (GDPR) will come into effect on 25 May 2018 and will affect many businesses in the UK. The UK’s decision to leave the EU will not have any immediate effect on the application of the GDPR. The legislation imposes significant record-keeping requirements for any organisation that processes or controls personal data and the penalties for breaches are significant. The definition of personal data is wider than under the current legislation and the GDPR requires organisations to show how they comply with it. In addition, specific information will need to be given to those who whose data is held. See the ICO website…

Former Nurse Prosecuted for Patient Personal Data Breaches

Former Nurse Prosecuted for Patient Personal Data Breaches Public authorities hold vast amounts of personal data and safeguards are in place to ensure that such information is kept safe. In one case, the Office of the Information Commissioner (ICO) mounted a successful prosecution against a former nurse who accessed the sensitive medical records of over 3,000 patients. The woman had also obtained unauthorised access to staff records across an NHS region and was dismissed when the truth emerged. It was one of the most serious incidents of its kind ever to affect the NHS in that region and, following an internal inquiry, patients were contacted and reassured that no records…