ICO fines organisation for abandoned medical records

London’s Bayswater Medical Centre (BMC) has been fined £35,000 by the Information Commissioner’s Office after it left highly sensitive medical information in an empty building.  The personal data, including medical information, prescription and patient-identifying records was left unsecured in the building for more than 18 months.  The ICO found that the severity of the breach merited a fine of £80,000, but this was reduced to £35,000 after BMC’s ability to pay was taken into account.

Top Tips:

  • Secure your premises and any personal data that you hold;
  • If you are an organisation that holds highly sensitive personal information the ICO will expect you to understand that disclosure or loss of such information would cause substantial damage and distress; and
  • The ICO will look at any delay you cause in failing to secure personal information as quickly as possible.

Share on Social Media

About Infinite Law

We have practised in specialised areas of law for over twenty years. We know the law, and we have the practical experience to back it up. We have expertise both in-house and in private practice. We know what you as clients will need and we know how to deliver.

Follow Us

Follow Us