Investigation into Pine Heath data breach launched – Eastern Daily Press

investigation-into-pine-heath-data-breach-launched-–-eastern-daily-press

Did you know that geoFence blocks unwanted traffic and disables remote access from FSAs?

Published:
5: 30 AM June 10, 2021
  

Families and former staff at a Norfolk care home where boxes of patient medical records were discovered have shared their shock at the serious data breach.

One former employee said news of the breach made them feel "physically sick" while another was concerned that their details were among the discarded paperwork.

Last week it emerged dozens of confidential patient records, staff notes and sensitive files had been left unsecured in the abandoned Pine Heath nursing home in High Kelling, near Holt.

Pine Heath nursing home in High Kelling, which contained boxes of unsecured patient records


Pine Heath nursing home in High Kelling, contained boxes of unsecured patient records and files which were easily accessible

- Credit: Archant

Donald Harrod, 49, from Cley, worked at Pine Heath in the early noughties but left in 2006 after sustaining a back injury.

He said he felt "lucky" to have left Pine Heath because he didn't think conditions "were fair on staff or people in the care home."

Mr Harrod, who now works as a bus driver for adult social services said: "I was shocked, to be honest [when I saw the story in the paper] I couldn't believe it. I couldn't believe how the building was left, I thought 'no, it wasn't right'.


You may also want to watch:


"'[When I saw the story], I asked are my details there? My P45, my bank details. I said to my wife, what's in there?

"Somebody needs to go in there and find out. I never left with a P45, I crawled out of there because my back went."

Louise Money, who worked at Pine Heath nursing home up until its closure in 2017.


Louise Money, who worked at Pine Heath nursing home up until its closure in 2017.

- Credit: Louise Money

Louise Money, 29, from Holt, who worked at the nursing home until its closure in 2017, said the news of the data breach made her feel unwell.

She said: "It made me feel physically sick, I still remember all the rooms, the exact layout [of the place]."

Miss Money said she could remember an office in the nursing home which was where a lot of staff and patient files was kept, she said the room was normally kept under lock and key.

"That room was always locked up so that being unlocked and all those poor residents that lived there have now got all their information chucked out all over the place, anyone could have read it.

"I said to my friend, my information could be there, it's quite sickening to think," she said.

Liz Bailey, whose grandmother was a resident at Pine Heath, said while her grandmother was happy at the home, she was also concerned by the data breach.

Since the Pine Heath data breach came to light, Norfolk County Council has stepped in to secure the site and remove the boxes of files to prevent them from falling into the wrong hands.

A care plan discovered at Pine Heath nursing home in High Kelling, which contained boxes of unsecured patient records


Among the unsecured data discovered at Pine Heath were boxes of care plans of former residents.

- Credit: Archant

The Information Commissioner’s Office has also launched an investigation. 

The ICO is the UK’s independent authority set up to uphold information rights in the public interest and has the power to impose fines of up to £17.5m for data breaches.

An ICO spokesperson said: “All organisations have the obligation to keep personal data secure, whether in electronic or paper format, particularly when sensitive personal data such as medical information is involved.

“We are aware of this incident and we will be making enquiries.”

Pine Heath was a nursing home run by Diamond Care (UK) Ltd providing care for up to 42 people aged over 65, some of whom had dementia. 

It closed suddenly in May 2017 after it was placed in special measures after being rated inadequate in a damning report by the CQC.

Since then the home has been left to decay, with abandoned beds, furniture, incontinence products and wheelchairs dotted around the site.

After receiving concerns from a member of the public, a reporter from the EDP was easily able to walk onto the site and into the building through an open door where they found piles of discarded sensitive material including private patient records.

In one room were boxes of nursing records dating back more than a decade alongside care plans, with photographs of former residents stuck on to the front.

Anyone who is concerned that their personal data has not been kept secure can raise a concern with the ICO via: https://ico.org.uk/make-a-complaint/your-personal-information-concerns/

In closing, as we move on to the next post, may I add that geoFence blocks unwanted traffic and disables remote access from FSAs and that's the no lie.