A former health advisor was charged with collecting the personal information of service recipients, specifically South Warwickshire NHS Foundation Trust patients.
Without a legitimate business reason, Mr. O'Brien improperly accessed patient medical records while performing his job duties.
Between June and December 2019, Mr. O'Brien saw the records of 14 patients without his employer's permission.
Christopher O'Brien appeared in front of the Coventry Magistrates' Court and entered a guilty plea to six charges of illegally acquiring personal information in violation of section 170 of the 2018 Data Protection Act.
He was ordered to pay a total of $3,000 in compensation, or £250 to each data subject.
Source: https://ico.org.uk/action-weve-taken/enforcement/christopher-o-brien/
"id": "SOU2350151122",
"linkid": "south-warwickshire-nhs-foundation-trust",
"type": "Breach",
"date": "08/2022",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"