By continuing to use the site you agree to our Privacy & Cookies policy

Your browser seems to have cookies disabled. For the best experience of this website, please enable cookies in your browser.


Your browser is no longer supported

For the best possible experience using our website we recommend you upgrade to a newer version or another browser.


NMC hit with £150k fine for data security breach

The Nursing and Midwifery Council has been fined £150,000 after it lost three DVDs linked to a misconduct hearing.

The DVDs included personal information and evidence from two vulnerable children, sparking criticism and a fine from the Information Commissioner for breaching the Data Protection Act.

The breach relates to events in October 2011, when NMC officials arranged for evidence to be couriered to a fitness to practise hearing venue.

When the packages arrived at their destination, the discs were not present and there were no signs of tampering. The regulator carried out extensive searches to find the DVDs, but they have never been recovered.

The ICO was particularly scathing after its investigation found the information on the DVDs was not encrypted.

David Smith, director of data protection at the ICO, said: “The NMC’s underlying failure to ensure these discs were encrypted placed sensitive personal information at unnecessary risk.

“No policy appeared to exist on how the discs should be handled, and so no thought was given as to whether they should be encrypted before being couriered. Had that simple step been taken, the information would have remained secure and we would not have had to issue this penalty.”

An NMC spokesman said it was disappointed at the ICOs decision to impose a fine.

He said: “We regret the incident, but want to reassure the public and all our stakeholders that we recognise the importance of data protection and the need for data security.

“The cause of the incident is understood to have been an isolated human error.”

The nursing regulator’s shaky financial position prompted it to raise the annual registration fee on 1 February, from £76 to £100, and accept the offer of a government grant worth £20m.

Readers' comments (10)

  • Susan Markham

    Ouch! £150,000... that's coming out of the annual registration fees (the NMC's only source of funding) which probably means fees will be going up even more than they said they were for next year!

    "Elliot say Owwwww!"

    Did nobody from the NMC's IT dept. tell them how to encrypt data files on a CD?

    If they'd encrypted them before transportation it wouldn't really matter if they went missing en-route.

    Common sense 101.

    Unsuitable or offensive?

  • Sorry but I am not prepared to pay for this error, they are dreadful - not fit for purpose.

    Unsuitable or offensive?

  • if they can lose this data they can lose that of any nurse on their register under investigation as well as that of patients and others involved. it seems that the NMC is not only dysfunctional but also untrustworthy.

    Unsuitable or offensive?

  • has the member of staff involved been sacked? they do not accept 'human error' in nurses so are the rules the same for their staff.

    Unsuitable or offensive?

  • Does the NMC meet all their mandatory training requirements ?? I guess they need to practice what they preach !! Try Information Governance NMC its useful

    feeling robbed of £100 now

    Unsuitable or offensive?

  • Another example of woeful incompetence from our shamefully disorganised and shambolic 'professional' body. How can we express a vote of 'no confidence' in these people so nursing can begin to regain some self-respect?

    Unsuitable or offensive?

  • The annual subscriptions of 1,500 registrants (!!) will pay for this. Good grief.

    Unsuitable or offensive?

  • Oh my God why can't someone save the nurses from throwing their earnest hard salary into the pot of this useless body we have that is not doing anything for nurses. The teaching profession has got ride of theirs why not the nurses?

    Unsuitable or offensive?

  • OMG, £100 fee!!!!

    Unsuitable or offensive?

  • CLOSE THEM DOWN this is the last straw, when they are not selling our data (now apparently no longer the case ) they are loosing it.
    They cannot be trusted to do the job they are there to do, protect the public! The fine should come out of the chief exec salary not membership fees.

    Unsuitable or offensive?

Have your say

You must sign in to make a comment.

Related Jobs

Sign in to see the latest jobs relevant to you!