Slashdot Mirror

← Back to Stories (view on slashdot.org)

NHS Fined After Computer Holding Patient Records Found On eBay

Posted by timothy on from the all-these-billing-addresses-are-identical dept.

judgecorp writes "NHS Surrey, part of Britain's health service, has been fined £200,000 when a computer holding more than 3000 patient records was found for sale on eBay. The system was retired, and given to a contractor who promised to dispose of it securely for free, in exchange for any salvage value... but clearly just put the whole system up for sale."

4 of 186 comments (clear)

  1. Re: How does... by Joce640k · · Score: 4, Informative

    Because there was no actual "contract" requiring him to destroy them.

    That's the real problem in this case - no contract. It's all all in TFA (if you can be bothered with such trivia).

    --
    No sig today...
  2. Re:Fines.. by leathered · · Score: 3, Informative

    Look up Vicarious Liability, it's a tenet of Common Law.

    Too many MBAs believe that when you outsource, you are offloading responsibility. 'It was the contractor's fault, your honour' will not wash in any court of law.

    --
    For all intensive porpoises your a bunch of rediculous loosers
  3. Re:How does... by jellomizer · · Score: 3, Informative

    Simple, there are a bunch of ministries, departments, and divisions and other units all with a degree of autonomy, their own budgets, and other stuff.

    When you ask nearly any government employee of where do they work. They will not say I work for the Government. They will say I work in the Department of whatever...
    So if you fine a government agency the money leaves their budget and goes away from their department and to an other area. Leaving that department with less money budgeted towards what they need to do. As well it would effect their influence of getting additional funding for the next year.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  4. Re:How does... by Kat+M. · · Score: 3, Informative

    First, the Information Commissioner's Office is an independent body, subject to supervision by the courts, not any ministry. It cannot and does not care (modulo human error) whether the responsible entity was a public or private body, except where the law distinguishes between them.

    Second, an NHS trust (which NHS Surrey is) is technically not part of the government, but a public sector corporation with separate auditing requirements and separate liability. Another example is that NHS trusts are also vicariously liable for malpractice by doctors and nurses they employ.

    While it is correct that in the end all the fines do come out of the UK's budget and go back into the UK's budget, separate liability arrangements allow for more fine-grained auditability and accountability. Fines may be budget neutral overall, but they still are highly undesirable for the sanctioned body, creating an incentive to avoid them.