GPs who lose laptops to face £5,000 fines

GPs should face prosecution if laptops containing patients' records are stolen from their cars, according to the Information Commissioner.

Giving evidence to the Lords' Constitution Committee last week, Information Com- missioner Richard Thomas said: 'It is hard to see that this is anything but gross negligence.'

GPs could be fined up to £5,000 in a magistrates court or an unlimited sum in a crown court.

A spokeswoman for the Information Commissioner confirmed after the hearing that a draft paper making the proposal had been submitted to the Minister of Justice.

'It's not just GPs. What we are saying is that where an organisation knowingly fails to comply with the Data Protection Act and creates a substantial risk of damage to individuals, we want it to become a criminal offence and to be able to prosecute immediately,' she said.

At present, the Information Commissioner must first issue an enforcement notice and only if this is breached is a criminal prosecution pursued.

The spokeswoman said that no GPs had so far been prosecuted. She added that the Information Commissioner was keen to tighten the law because over the past year there had been security breaches.

She was unable to give any details about when a change in the law might be made.

A BMA spokeswoman said: 'Records kept on a computer should be treated the same way as those kept on paper.

'If GPs are taking them out of the practice they obviously need to ensure they are protected.

'However, the key thing is that the rules are applied sensibly. It would be unreasonable for doctors to be penalised if records were stolen after they had done everything in their power to ensure their safety,' she added.

Jamie Cowper, director of European marketing at London-based technology consultancy the PGP Corporation, said: 'It's not fair to expect doctors to be data security experts.

'To be entirely effective, the NHS should respond to the proposed legislation with both a programme of data security education and a systematic roll-out of data protection technology such as encryption.'

Mr Cowper added that Mr Thomas's stance would be welcomed by patient rights groups, given the recent spate of data breaches at NHS trusts.

'Perhaps Mr Thomas's approach of hard compulsion is the only way to get the medical establishment to take this problem seriously,' he said.

neil.durham@haymarket.com

Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Register

Already registered?

Sign in

Before commenting please read our rules for commenting on articles.

If you see a comment you find offensive, you can flag it as inappropriate. In the top right-hand corner of an individual comment, you will see 'flag as inappropriate'. Clicking this prompts us to review the comment. For further information see our rules for commenting on articles.

comments powered by Disqus