{"id":175601,"date":"2015-12-19T08:34:52","date_gmt":"2015-12-19T08:34:52","guid":{"rendered":"http:\/\/4cd.e16.myftpupload.com\/?p=175601"},"modified":"2015-12-19T08:34:52","modified_gmt":"2015-12-19T08:34:52","slug":"hiv-clinic-fined-250-for-data-breach","status":"publish","type":"post","link":"https:\/\/citifmonline.com\/2015\/12\/hiv-clinic-fined-250-for-data-breach\/","title":{"rendered":"HIV clinic fined \u00a3250 for data breach"},"content":{"rendered":"
A health clinic that mistakenly revealed the identity of HIV-positive patients in a group email has been fined \u00a3250 by the UK’s data watchdog.<\/p>\n
The Bloomsbury Patient Network provides information and support for people who are HIV-positive.<\/p>\n
But twice in 2014, staff emailed up to 200 members at a time without obscuring other patients’ email addresses.<\/p>\n
The Information Commissioner’s Office (ICO) said it had levied a fine that would not cause “financial hardship”.<\/p>\n
Data breach<\/p>\n
In February 2014, a member of staff at the Bloomsbury Patient Network emailed up to 200 patients who were HIV-positive.<\/p>\n
The email addresses were entered into the “To” field, meaning they were visible to everybody who received the email.<\/p>\n
Instead, email addresses should have been entered into the “BCC” field, which would have obscured them from other recipients.<\/p>\n
In May 2014, the same member of staff repeated the error.<\/p>\n
Serious error<\/strong><\/p>\n