{"id":798,"date":"2013-07-15T20:08:21","date_gmt":"2013-07-15T19:08:21","guid":{"rendered":"http:\/\/www.halkynconsulting.co.uk\/a\/?p=798"},"modified":"2013-07-15T21:46:50","modified_gmt":"2013-07-15T20:46:50","slug":"nhs-trust-fined-data-disposal","status":"publish","type":"post","link":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/","title":{"rendered":"NHS Trust fined \u00a3200,000 following data disposal errors"},"content":{"rendered":"<p>Although it has a well structured, well run and reasonably well resourced security management service, the NHS still seems to struggle with some aspects of compliance with the Data Protection Act. As a result, another NHS trust has fallen foul of the Information Commissioner&#8217;s Office (ICO) and fined a significant amount of money.<\/p>\n<figure id=\"attachment_559\" aria-describedby=\"caption-attachment-559\" style=\"width: 300px\" class=\"wp-caption alignright\"><a href=\"http:\/\/www.halkynconsulting.co.uk\/security\/contact-security-team\"><img loading=\"lazy\" decoding=\"async\" data-attachment-id=\"559\" data-permalink=\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/02\/another-lack-of-encryption-leads-to-a-data-protection-act-fine\/healthcaresecuritysml\/\" data-orig-file=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?fit=300%2C250&amp;ssl=1\" data-orig-size=\"300,250\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;}\" data-image-title=\"NHS Security\" data-image-description=\"&lt;p&gt;Healthcare Security &#8211; Sensitive data needs proper protection.&lt;\/p&gt;\n\" data-image-caption=\"&lt;p&gt;NHS &#038; Healthcare Security : Sensitive data needs proper protection.&lt;\/p&gt;\n\" data-medium-file=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?fit=300%2C250&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?fit=300%2C250&amp;ssl=1\" class=\"size-full wp-image-559 \" alt=\"NHS &amp; Healthcare Security - Sensitive data needs proper protection.\" src=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?resize=300%2C250\" width=\"300\" height=\"250\" data-recalc-dims=\"1\" \/><\/a><figcaption id=\"caption-attachment-559\" class=\"wp-caption-text\">NHS &amp; Healthcare Security: Sensitive data needs proper protection.<\/figcaption><\/figure>\n<p>Based on the <a title=\"ICO fines NHS Surrey for failing to check the destruction of old computers\" href=\"http:\/\/www.ico.org.uk\/news\/latest_news\/2013\/ico-issues-nhs-surrey-monetary-penalty-of-200000\" target=\"_blank\">ICO&#8217;s press release<\/a>, it appears that NHS Surrey had outsourced the disposal of its computers and related assets. Unfortunately, after 2 years, they were notified by a member of the public that a disk purchased from eBay contained patient data.<\/p>\n<p>According to the press release, when NHS Surrey collected the computer and processed it, they discovered records belonging to 900 adults and 2000 children.\u00a0Faced with this information, the trust was able to recover 39 further devices from the trading arm of the data destruction provider. Of this batch, 10 were previously owned by NHS Surrey and three contained sensitive patient data.<\/p>\n<p>NHS Surrey appear to have entered into an arrangement whereby the data disposal company removed the devices for free on the grounds that they could sell on any salvageable materials. From the ICO&#8217;s report, this appears to have been a bit of an informal arrangement and no contract was in place and no monitoring conducted.<\/p>\n<p>Stephen Eckersley, Head of Enforcement, described this as &#8220;<em>one of the most serious the ICO has witnessed<\/em>&#8221; with the following points noted in the press release:<\/p>\n<blockquote><p>The ICO\u2019s investigation found that NHS Surrey had no contract in place with their new provider, which clearly explained the provider\u2019s legal requirements under the Data Protection Act, and failed to observe and monitor the data destruction process.<\/p>\n<p>NHS Surrey mislaid the records of the equipment passed for destruction between March 2010 and 10 February 2011, and was only able to confirm that 1,570 computers were processed between 10 February 2011 and 28 May 2012. The data destruction company was unable to trace where the computers ended up, or confirm how many might still contain personal data.<\/p><\/blockquote>\n<figure id=\"attachment_823\" aria-describedby=\"caption-attachment-823\" style=\"width: 300px\" class=\"wp-caption alignleft\"><a href=\"http:\/\/www.halkynconsulting.co.uk\/security\/security-policy\"><img loading=\"lazy\" decoding=\"async\" data-attachment-id=\"823\" data-permalink=\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/disposal\/\" data-orig-file=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/07\/disposal.jpg?fit=1056%2C600&amp;ssl=1\" data-orig-size=\"1056,600\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;}\" data-image-title=\"Data Disposal &#8211; Manage it properly\" data-image-description=\"&lt;p&gt;Data disposal should always be a well managed process.&lt;\/p&gt;\n\" data-image-caption=\"&lt;p&gt;Data disposal should always be a well managed process.&lt;\/p&gt;\n\" data-medium-file=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/07\/disposal.jpg?fit=300%2C170&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/07\/disposal.jpg?fit=1024%2C581&amp;ssl=1\" class=\"size-medium wp-image-823\" alt=\"Data disposal should always be a well managed process.\" src=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/07\/disposal-300x170.jpg?resize=300%2C170\" width=\"300\" height=\"170\" srcset=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/07\/disposal.jpg?resize=300%2C170&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/07\/disposal.jpg?resize=1024%2C581&amp;ssl=1 1024w, https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/07\/disposal.jpg?w=1056&amp;ssl=1 1056w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" data-recalc-dims=\"1\" \/><\/a><figcaption id=\"caption-attachment-823\" class=\"wp-caption-text\">Data disposal should always be a well managed process.<\/figcaption><\/figure>\n<p>This is similar to the incident reported last year where\u00a0the <a title=\"Secure Data Disposal - not really...\" href=\"http:\/\/www.halkynconsulting.co.uk\/a\/2012\/09\/secure-data-disposal-not-really\/\" target=\"_blank\">Scottish Borders Council was fined \u00a3250,000<\/a> for failing to protect data during the disposal process and personal data ended up in public waste bins.<\/p>\n<p>One major difference is that, unlike the local Councils in the UK, the NHS has a well structured, centrally managed system to enforce security compliance on third party suppliers. It appears to have failed here.<\/p>\n<h2>Lessons learned from the NHS &#8211; Supplier Security Management<\/h2>\n<p>There is a lot that can be learned here, even if you don&#8217;t work for the NHS. If you handle personal data or if you just have commercially sensitive information, you need to make sure you dispose of your assets properly. If your files end up on eBay then you face a regulator fines, loss of competitive advantage and reputational damage.<\/p>\n<p>You can avoid this. Quite easily actually.<\/p>\n<p>The Data Protection Act is quite clear about the obligation and the 7th principle states<\/p>\n<blockquote><p>Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.<\/p><\/blockquote>\n<p>Even if you don&#8217;t process personal data, this is a good principle to adhere to when it comes to protecting your corporate data.<\/p>\n<p>With this in mind, there are some steps you can take to avoid following NHS Surrey&#8217;s footsteps:<\/p>\n<ol>\n<li><span style=\"line-height: 16px;\">Have a policy and plan in place to manage your information lifecycle. This needs to document how you create, maintain and dispose of all your information assets.\u00a0<\/span><\/li>\n<li>Keep an accurate, and well maintained record, of where your sensitive information is stored. You should always be able to tell if a hard disk has had &#8220;important&#8221; information on it or not.<\/li>\n<li>If you outsource your disposal you <strong>absolutely<\/strong> must make sure there is a robust contract in place. This contract must oblige the service provider to securely dispose of any data. If nothing else, this means that in the event some data surfaces, you have options to protect yourself.<\/li>\n<li>Make sure you manage your disposal process. In-house or outsourced, you should nominate a suitable person to be responsible for ensuring data is properly disposed.<\/li>\n<\/ol>\n<p>Following these four steps will help you avoid following in the footsteps of NHS Surrey and the Scottish Borders Council. More importantly, it will help you avoid you suffering a fine in the region of \u00a3200,000.<\/p>\n<p>Good supplier security management is not free, but it is a lot cheaper than the alternatives.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Although it has a well structured, well run and reasonably well resourced security management service, the NHS still seems to struggle with some aspects of compliance with the Data Protection Act. As a result, another NHS trust has fallen foul of the Information Commissioner&#8217;s Office (ICO) and fined a significant amount of money. Based on [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":559,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[5,21],"tags":[23,96,69,61,20,140,46,97,98,99],"class_list":["post-798","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-security-risk-management","tag-business-protection","tag-data-disposal","tag-ico","tag-nhs","tag-risk-management","tag-security","tag-security-management","tag-supplier-management","tag-supplier-security-management","tag-supply-chain-security","entry","has-media"],"jetpack_publicize_connections":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>NHS Trust fined \u00a3200,000 following data disposal errors<\/title>\n<meta name=\"description\" content=\"The ICO has announced another fine for an NHS trust, this time the result of a failure to manage 3rd party service providers properly.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NHS Trust fined \u00a3200,000 following data disposal errors\" \/>\n<meta property=\"og:description\" content=\"The ICO has announced another fine for an NHS trust, this time the result of a failure to manage 3rd party service providers properly.\" \/>\n<meta property=\"og:url\" content=\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/\" \/>\n<meta property=\"og:site_name\" content=\"Halkyn Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2013-07-15T19:08:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2013-07-15T20:46:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?fit=300%2C250&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"300\" \/>\n\t<meta property=\"og:image:height\" content=\"250\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Taz Wake - Halkyn Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/tazwake\" \/>\n<meta name=\"twitter:site\" content=\"@HalkynSecurity\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Taz Wake - Halkyn Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/#article\",\"isPartOf\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/\"},\"author\":{\"name\":\"Taz Wake - Halkyn Security\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/6eb0b544119827df120fb596772d25bc\"},\"headline\":\"NHS Trust fined \u00a3200,000 following data disposal errors\",\"datePublished\":\"2013-07-15T19:08:21+00:00\",\"dateModified\":\"2013-07-15T20:46:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/\"},\"wordCount\":783,\"commentCount\":0,\"publisher\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#organization\"},\"keywords\":[\"Business Protection\",\"Data Disposal\",\"ICO\",\"NHS\",\"Risk Management\",\"Security\",\"Security Management\",\"Supplier Management\",\"Supplier Security Management\",\"Supply Chain Security\"],\"articleSection\":[\"Security\",\"Security Risk Management\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/\",\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/\",\"name\":\"NHS Trust fined \u00a3200,000 following data disposal errors\",\"isPartOf\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#website\"},\"datePublished\":\"2013-07-15T19:08:21+00:00\",\"dateModified\":\"2013-07-15T20:46:50+00:00\",\"description\":\"The ICO has announced another fine for an NHS trust, this time the result of a failure to manage 3rd party service providers properly.\",\"breadcrumb\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Halkyn Security\",\"item\":\"http:\/\/www.halkynconsulting.co.uk\/a\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"http:\/\/www.halkynconsulting.co.uk\/a\/category\/security\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"NHS Trust fined \u00a3200,000 following data disposal errors\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#website\",\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/\",\"name\":\"Halkyn Security Blog\",\"description\":\"Specialist Security &amp; Risk Management Consultants\",\"publisher\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/www.halkynconsulting.co.uk\/a\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#organization\",\"name\":\"Halkyn Consulting\",\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1\",\"width\":\"990\",\"height\":\"170\",\"caption\":\"Halkyn Consulting\"},\"image\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/2329571\",\"https:\/\/twitter.com\/HalkynSecurity\"]},{\"@type\":\"Person\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/6eb0b544119827df120fb596772d25bc\",\"name\":\"Taz Wake - Halkyn Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/6689803eeae3e16b54fab3a7a1dfd1a5ee70f3ca1a83e77278a1b1adfedc4260?s=96&d=retro&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/6689803eeae3e16b54fab3a7a1dfd1a5ee70f3ca1a83e77278a1b1adfedc4260?s=96&d=retro&r=g\",\"caption\":\"Taz Wake - Halkyn Security\"},\"description\":\"Certified Information Systems Security Professional with over 19 years experience providing in-depth security risk management advice to government and private sector organisations. Experienced in assessing risks, and producing mitigation plans, worldwide in both peaceful areas and war zones. Additionally, direct experience carrying out investigations into security lapses, producing evidential standard reports and conducting detailed interviews to ascertain the details of the incident. Has a detailed understanding of the Security Policy Framework (SPF) and JSP440, as well as in depth expertise in producing cost-effective solutions in accordance with legislative and regulatory guidelines. Experienced in accrediting establishments and networks as well as project managing the development of secure, compliant, workable business processes.\",\"sameAs\":[\"http:\/\/www.halkynconsulting.co.uk\",\"https:\/\/twitter.com\/https:\/\/twitter.com\/tazwake\"],\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/author\/tazwake\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NHS Trust fined \u00a3200,000 following data disposal errors","description":"The ICO has announced another fine for an NHS trust, this time the result of a failure to manage 3rd party service providers properly.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/","og_locale":"en_GB","og_type":"article","og_title":"NHS Trust fined \u00a3200,000 following data disposal errors","og_description":"The ICO has announced another fine for an NHS trust, this time the result of a failure to manage 3rd party service providers properly.","og_url":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/","og_site_name":"Halkyn Security Blog","article_published_time":"2013-07-15T19:08:21+00:00","article_modified_time":"2013-07-15T20:46:50+00:00","og_image":[{"width":300,"height":250,"url":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?fit=300%2C250&ssl=1","type":"image\/jpeg"}],"author":"Taz Wake - Halkyn Security","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/tazwake","twitter_site":"@HalkynSecurity","twitter_misc":{"Written by":"Taz Wake - Halkyn Security","Estimated reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/#article","isPartOf":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/"},"author":{"name":"Taz Wake - Halkyn Security","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/6eb0b544119827df120fb596772d25bc"},"headline":"NHS Trust fined \u00a3200,000 following data disposal errors","datePublished":"2013-07-15T19:08:21+00:00","dateModified":"2013-07-15T20:46:50+00:00","mainEntityOfPage":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/"},"wordCount":783,"commentCount":0,"publisher":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#organization"},"keywords":["Business Protection","Data Disposal","ICO","NHS","Risk Management","Security","Security Management","Supplier Management","Supplier Security Management","Supply Chain Security"],"articleSection":["Security","Security Risk Management"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/#respond"]}]},{"@type":"WebPage","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/","url":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/","name":"NHS Trust fined \u00a3200,000 following data disposal errors","isPartOf":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#website"},"datePublished":"2013-07-15T19:08:21+00:00","dateModified":"2013-07-15T20:46:50+00:00","description":"The ICO has announced another fine for an NHS trust, this time the result of a failure to manage 3rd party service providers properly.","breadcrumb":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2013\/07\/nhs-trust-fined-data-disposal\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Halkyn Security","item":"http:\/\/www.halkynconsulting.co.uk\/a\/"},{"@type":"ListItem","position":2,"name":"Security","item":"http:\/\/www.halkynconsulting.co.uk\/a\/category\/security\/"},{"@type":"ListItem","position":3,"name":"NHS Trust fined \u00a3200,000 following data disposal errors"}]},{"@type":"WebSite","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#website","url":"http:\/\/www.halkynconsulting.co.uk\/a\/","name":"Halkyn Security Blog","description":"Specialist Security &amp; Risk Management Consultants","publisher":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/www.halkynconsulting.co.uk\/a\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#organization","name":"Halkyn Consulting","url":"http:\/\/www.halkynconsulting.co.uk\/a\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1","width":"990","height":"170","caption":"Halkyn Consulting"},"image":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/2329571","https:\/\/twitter.com\/HalkynSecurity"]},{"@type":"Person","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/6eb0b544119827df120fb596772d25bc","name":"Taz Wake - Halkyn Security","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/6689803eeae3e16b54fab3a7a1dfd1a5ee70f3ca1a83e77278a1b1adfedc4260?s=96&d=retro&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/6689803eeae3e16b54fab3a7a1dfd1a5ee70f3ca1a83e77278a1b1adfedc4260?s=96&d=retro&r=g","caption":"Taz Wake - Halkyn Security"},"description":"Certified Information Systems Security Professional with over 19 years experience providing in-depth security risk management advice to government and private sector organisations. Experienced in assessing risks, and producing mitigation plans, worldwide in both peaceful areas and war zones. Additionally, direct experience carrying out investigations into security lapses, producing evidential standard reports and conducting detailed interviews to ascertain the details of the incident. Has a detailed understanding of the Security Policy Framework (SPF) and JSP440, as well as in depth expertise in producing cost-effective solutions in accordance with legislative and regulatory guidelines. Experienced in accrediting establishments and networks as well as project managing the development of secure, compliant, workable business processes.","sameAs":["http:\/\/www.halkynconsulting.co.uk","https:\/\/twitter.com\/https:\/\/twitter.com\/tazwake"],"url":"http:\/\/www.halkynconsulting.co.uk\/a\/author\/tazwake\/"}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2013\/02\/healthcaresecuritysml.jpg?fit=300%2C250&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9yHvD-cS","jetpack_likes_enabled":true,"_links":{"self":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts\/798","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/comments?post=798"}],"version-history":[{"count":29,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts\/798\/revisions"}],"predecessor-version":[{"id":830,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts\/798\/revisions\/830"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/media\/559"}],"wp:attachment":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/media?parent=798"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/categories?post=798"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/tags?post=798"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}