Medical centre data breach leads to huge fine

A medical centre data breach has led to a huge fine from the UK’s data watchdog, the Information Commissioner’s Office (ICO).

Medical centres and medical practices must, at all times, ensure the data they hold is safe and secure given the nature of the data they’re in charge of. Any failure to uphold this important duty can lead to huge fines and legal action to claim data breach compensation for the victims.

London-based Bayswater Medical Centre left medical records and personal medical data exposed in an old address for over 18 months, leaving them with a justifiable fine of £35,000.00

Bayswater Medical Centre data breach ICO report

According to the ICO report, the Bayswater Medical Centre data breach stemmed from the practice moving to a new address and using the old address as a storage facility. The old address was secured by nothing more than a single lock (no alarm), and windows that were reportedly ajar could have allowed easy access to anyone.

Medical records and sensitive information was reportedly visible through windows.

Chances to resolve the issue ignored

Another GP practice had expressed an interest in taking over the premises and were given access to the building. The potential new proprietors warned the Bayswater Medical Centre about the lack of security over the records that were being stored there, particularly when contractors reportedly had access to the premises for the purposes of the take-over.

These warnings, it appears, were simply ignored.

The data stored insecurely on the premises included medical records, prescription information and patient-identifiable medicine. The premises was actually broken into shortly after records were removed.

A lack of respect for the sanctity of medical data

The Bayswater Medical Centre data breach case is a clear example of a clear lack of respect for the sanctity of medical data. There’s simply no excuse for leaving such personal and sensitive medical data exposed for so long, and a medical centre ought to know better and ought to know that their duty is to protect medical records.

Medical data is already one of the most breached types of data. These kinds of totally avoidable and unforgivable incidents make the situation worse.

It’s cases like this that lead to medical data breach compensation claims where victims have to claim for their data rights being violated when the breach could have been easily prevented in the first place.

Frankly, this should never have happened at all.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.

Create A Call Back

Information on how we handle your data is available in our Privacy Policy.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.