The Information Commissioner’s Office (ICO) has issued a monetary penalty of £55,000 to North Staffordshire Combined Healthcare NHS Trust. The penalty follows a serious breach of the Data Protection Act which resulted in sensitive medical details of three patients being sent to a member of the public. And how does this impact on mainstream employment? Here’s the answer: the ICO’s investigation found that while the Trust had published best practice guidance which required staff to ‘phone ahead’ to make sure faxes were being sent to the right address and had been successfully received, this guidance had not been communicated to the staff involved and they had received no specific training on the secure use of fax machines. Given the circumstances, the implications of a read-across to awareness of policies and procedures for the protection of employee data, are all too obvious.
This provides summary information and comment on the subject areas covered. Where employment tribunal and appellate court cases are reported, the information does not set out all of the facts, the legal arguments presented and the judgments made in every aspect of the case. Employment law is subject to constant change either by statute or by interpretation by the courts. While every care has been taken in compiling this information, we cannot be held responsible for any errors or omissions. Specialist legal advice must be taken on any legal issues that may arise before embarking upon any formal course of action.