The Information Commissioner's Office (ICO) is to give "particular regulatory attention" to health organisations as it focuses on areas most likely to result in damage to people's information rights, the watchdog has said. The ICO, which ensures compliance with UK data protection, e-privacy and freedom of information laws, …
I can, sort of, agree that patient health data is sensitive and should be prioritised for protection over things like their shoe size. </snark>
However, it is interesting that the majority of enforcement actions against healthcare sector providers will be against the NHS, which means any fines are simply recirculating funds around the public purse.
So it will go like this:
NHS / Privatised trust scrimp money by not spending on security.
Data privacy is breached, ICO action eventually results in a fine.
NHS / Privatised trust then pay fine and go to government for more funding to ensure health care can be provided.
Government use fine to provide additional funds to the trust.
At each stage various leeches will be taking a bit of money out of the system without actually improving patient data security.
Such a wonderful world we live in.
Nothing will change until *senior* officials get fired or go to jail.
Until then it's just an accountancy problem (unless the fine can *bankrupt* the institution).
"We have to recognise that there is a legitimate expectation that we will enforce the law".
Bloody hell... have they only just realised that it is their job to enforce the law?
Lazy sods managed to go 12 months without issuing a single enforcement notice.