Hospital Trust tightens policies after patients records found dumped in two separate incidents

editorial image

UNIVERSITY Hospitals Coventry and Warwickshire trust breached the Data Protection Act by twice losing patients’ medical records, the Information Commissioner’s Office (ICO) has said.

In the first incident last February, records about 18 patients were found in a communal waste bin at an apartment block in Rugby. According to the ICO, a member of staff had taken the records home and accidentally disposed of them a public bin along with other rubbish.

The second incident occurred in May, when a member of the public discovered details about a patient’s medical procedures and test results, which were allegedly found in a bin outside the hospital.

An investigation by the ICO found that the trust had poor procedures and policies for handling personal information. This included the delivery and collection of patient notes at one of the trust’s hospitals.

The ICO has ordered the trust to review its polices and make sure patients’ information is properly protected in future. Staff will be provided with training about following updated guidelines and new procedures about handling medical data.

Sally Anne Poole, acting head of enforcement at the ICO, said: “The fact that the trust lost sensitive personal information on two separate occasions within the space of two months is clearly not acceptable.

“Organisations across the health service must recognise that they hold some of the most sensitive personal data available and that it must never be disposed of in the same way as routine household waste.”