Financial penalties imposed on the NHS due to data breaches has sparked some concern over the impact that this might have on patient care. Hitting the bottom line of the NHS usually means compensation from other areas of the organisation, namely patient services.
The UK’s information watchdog however, has defended the use of monetary penalties, insisting it does take into account what an organisation can afford to pay.
Whilst several NHS bodies have faced fines from the ICO in recent months, the largest was Brighton and Sussex University Hospitals NHS Trust in June, who received a £325,000 penalty. This was because hard drives were sold online which contained sensitive data on tens of thousands of patients and staff.
The trust has now dropped an appeal and has paid a total of £260,000 after receiving an early payment discount. However its chief executive did try to argue that it could not afford the fine “in a time of austerity.” Arguably, this money would be better spent on customer services.
Reacting to the NHS penalties, confidentiality expert Christopher Fincken had said it was “quite wrong” that fines imposed on NHS bodies “effectively come out of funding patient care”. He said there needed to be an alternative to penalising “the innocent patient” for the failings of NHS bodies.
However he also said that:
“fines, which are imposed for serious breaches of the Data Protection Act, acted as a very important way to discourage others from making the same data protection mistakes”.
The ICO’s reaction to NHS penalties and the concern that patients could lose out from such fines, a spokesperson said it did take into account a number of factors in determining appropriate penalties:
“The sector, size, financial and other resources of the data controller and the nature and impact of the breach will all be considered before determining the amount of a monetary penalty.”
“The nature of a civil monetary penalty against an NHS body is that the fine does come from taxpayers’ money, but it is important to realise that the money stays in the public purse, and is paid into the Treasury’s Consolidated Fund. Nothing is kept by the Information Commissioner’s Office.”
Subscribe for free
Register For This Site
Latest Forum Discussions
- Recruitment and selection practices in the public sector
- Open source CMS
- Openness Is A Matter of Perspective
- UK Buzz Index for October 2011
- Mobile Government, Citizens & Data - Interim survey report
- Next Generation mGovernment Services – Learning and sharing how Gov’ is connecting, engaging and reaching people effectively over mobile digital networks and devices.
- Building Security and Cost Savings into Shared Networks for Local Government