A London HIV clinic has been fined 180,000 GBP after leaking data on 781 patients, Wired.co.uk reports. London-based clinic 56 Dean Street sent its email newsletter with all of the patients’ email addresses in the “to” field rather than the “bcc field.” Of the 781 patients, 730 of the email addresses had individuals’ full names, constituting a “serious breach” of data protection rules, the Information Commissioner’s Office said. Data protection rules state information on a person’s health or sexual life is classified as sensitive information. The ICO said the incident was "likely to have caused substantial distress," and at least one person was worried the disclosure would lead to discrimination at work. Zoe Penn, medical director of the clinic, said the organization accepts the ICO’s decision, and has started making procedural changes.
If you want to comment on this post, you need to login.