On-Air Now
Facebook

Manx Care fined £170,500 for information governance failures

Thu, 18 Aug 2022


Manx Care has been fined £175,000 for infringements of the data protection legislation. 

The fine from the Information Commissioner has been deferred until 31 December 2022 subject to strict adherence to compliance targets.

It's after Manx Care sent an email containing an insecure attachment containing confidential heath data of a patient to more than 1,870 recipients last October.

The Health and Social Care provider was already subject to an enforcement notice and a further notice was issued in February 2022.

The Island's Information Commissioner said that Manx Care failed to comply with those notices which has led to the penalty notice.

In a statement, Manx Care said: "We acknowledge the significant failures outlined in the Enforcement Notice, which make for uncomfortable reading, and would like to offer our sincere and unreserved apologies to those individuals whose data was breached through no fault of their own. Regardless of the fact that this was neither malicious nor intentional, this will undoubtedly have caused distress to them, for which we are incredibly sorry. Quite simply, this should not have happened. We would like to assure members of the public that steps are being taken to bring Manx Care’s standards of compliance into line with those expected of the organisation. These are historical breaches, and it is important to note that all patients whose data was inadvertently disclosed were notified at the time, and an apology provided."

"The information governance issues that Manx Care has experienced date back to 2020 when an Enforcement Notice was issued to what was then the Department for Health and Social Care (DHSC). This transferred over to Manx Care when the organisation launched on 01 April 2021, with two subsequent Enforcement Notices being issued in August 2021 and February 2022 for further, repeat compliance failures. During this period, the organisation had incredibly limited dedicated Information Governance or Data Protection resource in place to manage and mitigate its risks, and ensure that the patient data it held was managed in a safe, secure and compliant way. This was as a result of colleagues having been transferred into other roles as part of the Island’s response to the Covid-19 pandemic."

"Earlier this year, an information governance review was commissioned from KPMG – in its capacity as the external partner appointed to support the delivery of the Island’s health and care transformation programme – and found that Manx Care had insufficient resource to meet its statutory compliance responsibilities in this area. Since then, Manx Care has invested in additional staffing to support a permanent Information Governance function, along with securing temporary resource and funding to support a continuous compliance and improvement programme that addresses the findings and recommendations outlined within the KPMG review."


 

Subscribe to get Energy FM News direct to your mobile device

You can get Energy FM News delivered direct to your mobile device using one of the following methods.

  • In the Apple News App on iOS search for Energy FM IOM and then just add it to your favourites
  • In the Google News & Weather App just search for Energy FM and then add us as a customised section
  • If you use an RSS Reader then just add our feed to your app, click here for our news RSS feed