WORKFORCE: South Central Ambulance Service Foundation Trust has apologised after thousands of its staff’s personal data, including nationality, sexual orientation and salary details, was published on the organisation’s website.
The trust was made aware of the security breach by the Information Commissioners Office, who brought it to their attention on 24 April.
The service’s chief executive Will Hancock has written to the 2,826 current and former members of staff hit by the data disclosure to apologise and explain the extent of the breach.
The breach occurred when a report was made available on the trust’s website which inadvertently had the personal data attached to it.
A trust spokeswoman revealed that the data included details of employees’ names, location of work, job roles and various details of that role which incorporated Agenda for Change banding of that role, and whether staff were full or part time.
It also included nationality, marital status, age, gender, ethnic origin, disability, religious belief and sexual orientation.
The trust has emphasised that the published information is not patient or clinically related.
A trust spokeswoman said: “An investigation is underway into the circumstances around this incident, using an external information governance auditor.
“We have undertaken a thorough review of all our published information on the website (over 2,000 documents) and we can confirm that this was the only document affected.
“The data breach affected 2,826 staff who were employed by the organisation in October 2013 and related to the data which was attached to a report.
“We take our information governance responsibilities very seriously and we have been cooperating fully with the Information Commissioners Office throughout this investigation. We have already drafted an action plan to mitigate the risk of this happening again in the future.”
Trust Board Papers & HSJ reporting
20 May 2014