Mrs A. Thompson –v- Scancrown Ltd, trading as Manors In a case that received widespread…
PLEASE NOTE: Information in this article is correct at the time of publication, please contact DFA Law for current advice on older articles.
The Information Commissioner’s Office (ICO) has fined Brighton and Sussex University Hospitals NHS Trust £325,000 following a serious breach of the Data Protection Act 1998. The fine related to the discovery of highly sensitive personal data belonging to tens of thousands of patients and staff, including some relating to HIV and genito-urinary medicine patients, on hard drives sold on an internet auction site in October and November 2010.
Our checklist highlights the key legal obligations that a business should consider when dealing with personal data about customers, suppliers, employees or any other individual who may be encountered during the course of business.