[Abridged summary from Cambridge Evening News Fri 20 Nov 09 Pages 1 and 5]
Patients' data used as packing
Jeweller finds hospital records sent in packaging for gift boxes
Reported by Raymond Brown <[log in to unmask]>
Confidential records from "solicitor's office acting for patients" were
shredded (but not enough) and then used as gift box packing.
Jeweller had ordered gift boxes for her Jewellery products, and the
boxes came with the shreddings as packing. Patients' data came from
Papworth Hospital 'who were horrified' and 'were investigating'.
" I could clearly make out the name and address and the name of the
hospital and solicitors"
The solicitors said " we dont shred paper here and we will be having a
chat with our suppliers".
Papworth Hospital described the secure shredding service it used onsite
to make sure that all confidential paperwork was completely
unidentifiable.
"In certain circumstances a patient will request that their notes are
given to a third party, such as a solicitor.
In these circumstances we would expect that extreme care is taken in the
disposal of these documents by this third party."
Bob's Comments and Thoughts
* Clear breach of Data Protection Act 1998 and Principle 7 by the
solicitors... Wonder whether the hospital has any written procedures
for handing personal data over to solicitors. Presumaby not as such
professionals have their own clear professional duty of care as well as
legal (Data Protection) one.
* Still sensitive data even though no actual sensitive data items disclosed
(apparently) by mere linkage of identifiable person with Hospital as patient.
* How easily the Hospital can be tarnished by the Solicitor's
carelessness (Hospital data lost not Solicitor's!)
* Solicitor possibly had the data because of potential litigation
against Hospital? (mere specuulation by me)
* The solicitors seem to be remarkably relaxed over the matter - perhaps
it could invest in (several) cross cut shredders?
* Pity the solicitor were not identified.
* Would a FOI request to Hospital be able to so so?
[If solicitors were partnership (as more often than not the case)
then their firm's names would be Personal Data...]
* There for the grace of God...
* At least the Newspaper got the apostrophe correct in its headline...
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-- Unencrypted Email is an insecure communications medium,
-- so be aware that any correspondence may possibly be viewed
-- by others en route.
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-- Robert (Bob) Waixel, MBCS, MCInstM, FHEA
-- Chartered Information Technology Professional (CITP)
-- RW Systems
-- Cambridge,
-- CB4 xxx, UK tel: +44 (0) 1223 361319
-- email: <[log in to unmask]>
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-- Emailing from Home (DELL)
-- - - - - - - - - - - - - - - - - - - - - - -
-- To err is human. To really foul things up ... you need a computer.
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-- Unencrypted Email is an insecure communications medium,
-- so be aware that any correspondence may possibly be viewed
-- by others en route.
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-- Robert (Bob) Waixel, MBCS, MCInstM, FHEA
-- Chartered Information Technology Professional (CITP)
-- RW Systems
-- 4 Manhattan Drive,
-- Cambridge,
-- CB4 1JL, UK tel: +44 (0) 1223 361319
-- email: <[log in to unmask]>
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-- Emailing from Home (DELL)
-- - - - - - - - - - - - - - - - - - - - - - -
-- To err is human. To really foul things up ... you need a computer.
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|