A collective of UK hospitals has been fined more than 230,000 euros since it had placed the private information of staff inadvertently on its website. It was the national insurance number, date of birth, religion and sexual orientation of 6,500 employees.
The collective discovered the data breach after 10 months and had another 5 months to inform the affected employees. The information was provided voluntarily by the staff, so that collectively an annual overview of diversity and equality could publish within hospitals. The spreadsheets were found to contain hidden data simply became visible by double-clicking on a table. Because of the data breach, the UK data protection authority ICO now fined 185,000 pounds (the equivalent of more than 230,000 euros).
No comments:
Post a Comment