Categories: SecurityWorkspace

ICO Slaps Nursing And Midwifery Council With £150k Fine

The Nursing and Midwifery Council has been hit with a £150,000 fine by the Information Commissioner’s Office (ICO), after it lost three DVDs related to a nurse’s misconduct hearing.

The Council, a regulator for healthcare professionals in the UK, admitted to the mistake, which saw confidential personal information and evidence from two vulnerable children lost. The data was unencrypted, according to the ICO.

ICO calls the midwife

DVDs went missing from their cases during the couriering of evidence related to a ‘fitness to practise’ case, and have yet to be found. The cases did not show any evidence of tampering.

“It would be nice to think that data breaches of this type are rare, but we’re seeing incidents of personal data being mishandled again and again,” said David Smith, deputy commissioner at the ICO.

“While many organisations are aware of the need to keep sensitive paper records secure, they forget that personal data comes in many forms, including audio and video images, all of which must be adequately protected.

“The Nursing and Midwifery Council’s underlying failure to ensure these discs were encrypted placed sensitive personal information at unnecessary risk. No policy appeared to exist on how the discs should be handled, and so no thought was given as to whether they should be encrypted before being couriered.”

The Council wouldn’t be drawn into saying whether it would appeal the fine or not, but noted it was disappointed by the ICO’s action. It also claimed its policy did require encryption, despite the ICO’s suggestion there were no rules in place.

“Our policy, in place at the time, required encryption. We received the DVDs from the police unencrypted, but we failed to encrypt them before we sent them on,” the Council said, in a statement sent to TechWeek.

Are you a security pro? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Spyware Maker NSO Group Found Liable In US Court

Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…

1 day ago

Microsoft Diversifying 365 Copilot Away From OpenAI

Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…

1 day ago

Albania Bans TikTok For One Year After Stabbing

Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…

1 day ago

Foldable Shipments Slow In China Amidst Global Growth Pains

Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…

1 day ago

Google Proposes Remedies After Antitrust Defeat

Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal

1 day ago

Sega Considers Starting Own Game Subscription Service

Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…

2 days ago