NHS managers are failing to take action against staff who are involved in data breaches, according to the GP magazine Pulse.
The magazine says it used the Freedom of Information Act to obtain information about breaches of confidentiality and data losses from 47 NHS organisations.
It found there had been188 reported incidents of staff breaching privacy rules or accessing patient data without authorisation, and 75 reported incidents of staff losing data, since January 2007.
However, it says just 14 of these incidents were followed up with formal disciplinary action, and that this tended to take the form of a verbal or written warning. None of the trusts reported suspending or dismissing staff.
The incidents uncovered included major and well known incidents, such as the theft of a laptop containing the bank details of staff at Royal Cornwall Hospitals NHS Trust. However, most were relatively minor, such as faxes going astray and confidential records being disposed of inappropriately.
A number of trusts also reported staff inappropriately accessing patient records “for purposes not related to healthcare.” Most trusts reported they had simply advised the employees responsible of the correct procedures or sent them for "retraining."
© 2008 E-HEALTH-MEDIA LTD. ALL RIGHTS RESERVED.
EHIPrimaryCare: Reading the info strategy makes me wonder what is the future of #nhs choices? - join the conversation on #ehi http://t.co/IFeIHus3
16 hours 51 minutes
ago
EHIPrimaryCare: RT @DHgovuk: Take a look at our #storify channel for a quick rundown of The NHS Information Service for Parents launch http://t.co/9KTH7 ...
23 hours 44 minutes
ago
EHIPrimaryCare: Info strategy calls for #CCIO on boards http://t.co/Y66TqtlN #nhs
1 day 28 minutes
ago
