I am not surprised
One PCT in the North (actually in west yorkshire) has told it's IT dept there are areas they cannot go in the servers. So as a result IT are not allowed access.
As a result those members of staff that do get access have seen the downloaded film collection, the pron, the games etc.
Same PCT has a requirement for all staff to put their username and password in a ring binder / folder, in case they are on holiday and need to get access.
Routinely giving access to EVERYONES email accounts. Things I know as a result of this policy is shocking, information just flating across the email systems.
The NHS is run on pay grade not skill or professional competance. And they have procedures for counting stock (I kid you not) because some people on very high pay rates cannot even count boxes in a cupboard.
Either way the fact the ICO is actually doing his job is a shock, where was he with Phorm. Oh yeah, taking back handers.
AC because I work in another PCT and want to keep my job. However my PCT is at least trying with awareness training and limiting access, encryption etc.