The Information Commissioner’s Office (ICO) has launched a probe into Belfast health trust after the disappearance of sensitive personal data related to a secret investigation into possible sectarianism.
The news follows an acknowledgement made in writing by the ICO of the upset suffered by a former security guard at Belfast City Hospital, regarding potential covert monitoring the trust carried out of the guard.
The ICO’s communication also speculated the unlikelihood that the trust obtained the data in line with current data protection laws.
In early March, The Irish News reported on the trust’s use of listening devices and a concealed camera in the hospital to delve into rumours that sectarianism was developing among security team workers.
Since the news broke, a laptop that was used to retrieve and access the secret tapes has gone missing. Concerns have also been voiced regarding those who gave the surveillance the green light.
A number of serious allegations of aggression have been made, including bullets being sent to the home of a Catholic worker, and staff sending wooden pellets to a loyalist bonfire nearby.
The monitoring in question took place in 2012, but the lid was blown on the action last summer by a whistleblower.
A communication dated March 19th sent by the commissioner to a person who had complained about the trust’s covert filming of him, stated:
“It is my assessment that it is unlikely that the trust has complied with the requirements of the DPA in this case, namely, the seventh data protection principle.
“As you may be aware, the seventh principle requires appropriate technical and organisational measures to be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data. It also appears that the data concerned may constitute sensitive personal data.”
In addition, the ICO’s letter said:
“We do realise that the trust’s covert monitoring of your personal data by your ex-employer is extremely upsetting for you. The ICO will now take further action to consider whether any more formal regulatory action is appropriate and may exercise its regulatory powers.”
Striking a conciliatory tone, the Belfast trust said that it had reported its own actions to the commissioner, confessed to losing the laptop and said that individuals affected had been spoken to.
“Efforts are being made to locate a laptop so that its contents can be examined and the Information Commissioner’s Office is aware of this. We are unable to provide the names of those involved as this is data personal to them,” the trust stated.