Skip to main content

ICO Lets Lampeter Medical Practice Off With A Warning

The Information Commissioner's Office has referained from fining Lampeter Medical practice for breaching the Data Protection Act.

The medical practice had been under investigation after a member of staff at the practice had lost a memory stick containing the unencrypted medical data of 8,000 patients in March.

Despite of confirming that the medical practice had indeed breached the Data Protection Act, ICO says that its 'pleased' that the medical practice in question has promised to be more careful when handling patient data.

The BBC (opens in new tab) reports that the member of staff had posted the memory stick to the NHS business service center via recorded delivery, but it failed to arrive.

ICO representatives told the BBC that Lampeter Medical Practice has agreed to take “remedial action by ensuring that sufficient steps are taken to ensure a security breach doesn't occur again.”

The Data Protection Act has recently been updated with stricter data protection laws, allowing the ICO to fine offending organisations up to £500,000.