The Royal Wolverhampton Hospitals NHS Trust has been pulled up by the UK Information Commissioner's Office (ICO) for mishandling sensitive patient information.
A CD containing 112 patient files from the heart and lung division within its intensive care unit had been found at a bus stop near the hospital.
The ICO said that the CD was neither encrypted nor password protected.
Investigations by the Trust and the ICO failed to establish how the CD came to be made, however the ICO pointed to transactions between the hospital and third-party consultants as a weak link its information handling processes.
The ICO said the Trust failed to recall patient charts from consultants in a timely manner, and has demanded that consultants sign for patient charts when they receive it.
Mick Gorrill, Head of Enforcement at the ICO said that data was several years old.
Copyright © iTnews.com.au . All rights reserved.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.