The ICO has issued a reprimand to South Tees Hospital NHS Trust in relation to failures to appropriately deal with sensitive information.
The incident involved sending a letter (informing a parent of a child’s medical appointment) to the wrong address. During the investigation it became apparent that there was no system to ensure regular updates for patient details across the systems used to store them and staff had not been given a process to check whether details were up to date, especially where the information in question was sensitive.
When working with multiple systems which store personal data, where there is not an automatic update across all systems, it is vital that a manual work around is found and that staff are aware of the procedure and effectively trained on it.
You can see the full reprimand here.