Unnecessarily sharing of sensitive personal data
An excessive amount of data was emailed to another Trust partner via a non-secure email account
Undertaking issued to ensure that staff are given sufficient training and that only the minimum data for the intended purpose is extracted or transferred.
Reason for action
The spreadsheet containing the records was not passport protected and the department had no “business need” to have access to the clinical data.
15 June 2010