NHS boards record 481 IT breaches

Feb 14 2013

NHS staff breached IT guidelines almost 500 times in the past three years, according to statistics.

A total of 481 breaches were recorded by health boards from 2010, according to data gathered by the Conservatives under Freedom of Information.

Incidents included sharing passwords, swearing in emails, inappropriate Facebook comments and staff installing banned software on health board computers.

The data shows that at least 195 breaches were recorded last year, with at least 170 recorded in 2011 and 109 in 2010.

Two boards, Tayside and Dumfries and Galloway, gave figures for the three-year period instead of a yearly breakdown, totalling seven cases.

At least 15 workers have been sacked or resigned as a result of the breaches while others were even given counselling as a result of the offence, though some health boards refused to detail what disciplinary action had been taken.

The Conservatives said the true numbers are expected to be much higher because Scotland's largest health board - Greater Glasgow and Clyde - did not provide its figures.

Conservative health spokesman Jackson Carlaw said: "More and more sensitive information in hospitals is being held electronically, including patient records and highly confidential data.

"As a result, we need to ensure those who have access act completely responsibly to ensure it doesn't end up in the wrong hands. The fact this trend appears to be increasing is very concerning, particularly when you consider high-profile incidents of data loss over recent years.

"I'm sure the vast majority of these breaches have been committed accidentally but that makes it even more critical that the NHS IT system is secure and resilient to such gaffes."