answer text |
<p>National Health Service organisations are individually responsible for managing
incidents where patient data has been compromised. Guidance provided by the Health
and Social Care Information Centre is that data subjects should be informed when personal
data about them has been lost or inappropriately placed in the public domain, unless
the cost of doing so would be prohibitive or the risk to those concerned is judged
to be minimal. Where there is any risk of identity theft it is strongly recommended
that this is done.</p><p> </p><p>There are no central guidelines on remedies or compensation.
Individuals whose data has been compromised may make a complaint through local NHS
complaints procedures or if they believe that an incident resulted from a breach of
data protection requirements they may report this to the Information Commissioner.
In some circumstances individuals might seek redress through the Civil Courts.</p><p>
</p>
|
|