Potential exposure of ALL Birmingham NHS patients’ private data
Hardly a week seems to pass without me saying that the ICO is a waste of time – and therefore money. Our money. It needn’t be, but it is.
Last month I discussed The ICO: a guard dog that won’t bite and hardly barks; and I concluded on a story about the NHS losing personal and private patient information:
Obviously there’s no point in fining the NHS; so, hard as it may seem, doctors who lose their patients’ medical records need to be sacked. And that applies to anybody who loses the personal data of others. It’s the only way.
It is the only way; because the ICO’s slapped wrist and don’t do it again approach clearly is not working. Today, the Birmingham Post is reporting an absolutely horrific data breach story:
All patient data along with staff pay and personal details up to chief executive level are believed to have been left accessible to more than 6,000 NHS workers who normally would not be allowed access to such private material…
A NHS source, who feared being named, claimed members of the public using computers at some health sites, like Moseley Hall Hospital, would also have been able to access the insecure confidential records.
Security alert over NHS data breach
Words fail me. We need to wait for more information to emerge, but what if it’s true? Fining the NHS the maximum fine of £500,000 is just a way of levying a £500,000 additional tax on us; because we are the ones who will have to pay it. Somebody has got to go. My bet is that the managers are already looking for a sacrificial lamb amongst their staff. Wrong. It is the top levels of management that need to take responsibility for their failure: resign or be sacked.