A health trust in Devon has been fined after publishing personal details of more than a thousand NHS staff on the internet.
Torbay Care Trust was asked to pay a penalty of £175,000 after the information went unnoticed for 19 weeks.
– Stephen Eckersley, Information Commissioner's Office
The fact that this breach was caused by Torbay Care Trust publishing sensitive information about their staff is extremely troubling and was entirely avoidable. Not only were they giving sensitive information out about their employees but they were also leaving them exposed to the threat of identity theft."
The trust has now introduced a new web management policy to make sure this doesn't happen again. They have also apologised to staff members.
– Anthony Farnsworth, TCT Chief Executive
This was an organisational issue, in which the absence of sufficient checks within our processes made this error possible...
We have since implemented far more robust procedures for managing staff information to make this more secure, and to remove the risk of any such incidents occurring in the future.