Data breaches

  1. Telecom provider Sure fined £80k for data breach

    Rebecca Thorn

    BBC News

    The telecom provider Sure has been fined £80,000 for data breaches in last year's directory.

    The Office of the Data Protection Authority took action after Sure told the regulator there had been a "small number of entries" that were incorrect.

    An investigation by the ODPA found 216 complaints had been made to the company relating to 244 telephone numbers.

    Some of these included the numbers of ex-directory islanders being published.

    Sure identified 19 customers that were at risk of "potential material harm" as a result of the mistake.

    The company said it was "disappointed" by the ODPA's ruling which it said was in parts "factually incorrect" and based on a "flawed and unfair investigation".

    "This included a lack of full disclosure about the specific matters of concern to the ODPA, which in turn made it difficult for us to participate meaningfully with the process," Sure said.

  2. Patient virus results sent to business by mistake

    Balfour Hospital / NHS Orkney

    Coronavirus test results and confidential details of dozens of people were sent out by NHS Orkney to a local business by mistake.

    The data included more than 50 patient names, addresses and the results of Covid-19 testing.

    NHS Orkney said an investigation had established it was an "isolated case of administrative error".

    The health board has apologised and the incident has been reported to the Information Commissioner.

    Read more