No Action Over Hampshire Ambulance Service Data Leak

16 September 2014, 16:18

The Information Commissioner's Office says no further action will be taken against South Central Ambulance Service after confidential information relating to over 2,800 employees was published online.

The ages, sexual orientation and religion of employees was published in a document on the service's website in April.

The ambulance service says it brought in a plan to mitigate the risk.

In a statement, the ICO said, "We have completed our investigation in to a data breach involving South Central Ambulance Service.

"After considering the organisation's response, the remedial measures introduced to address the errors that were made, and the limited number of times the information was accessed before it was removed, we have decided that no further action will be taken on this occasion.

"We will keep a record of this incident and may revisit it again if any similar problems occur."

South Central Ambulance Service said, "South Central Ambulance Service NHS Foundation Trust (SCAS) has been co-operating fully with the Information Commissioners Officer following a serious data breach on our website, on the 24 April 2014.

"They have informed us that following their review of the information provided to them and our comprehensive improvement plan, no further action is necessary at this stage.

"We take our information governance responsibilities very seriously and as a result of the breach we implemented an action plan to mitigate the risk as much as possible, of this happening again in the future. 

"As part of this process we undertook a thorough review of all our published information on the website (over 2,000 documents) and we can confirm that this was the only document affected.

"It should be noted that this information was not patient or clinically related.

"We have apologised to all staff affected by the breach and we are satisfied that we have taken appropriate action to mitigate the risk for the future as much as possible."