We use cookies to customise content for your subscription and for analytics. If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.
The last few months have, once again, revealed the NHS to be a serial offender in respect of data protection breaches relating to sensitive data, including patient and employee data
The Information Commissioner's Office (ICO) has found that Mid-Staffordshire NHS Foundation Trust was in breach of the Data Protection Act 1998 (DPA) after a member of its HR team transferred personal information about a Trust employee, which was not password or encryption protected, to a home computer
It is common in an outsourcing situation for the incoming service provider to undertake the service at a different location to the client or the existing service provider
