UK NHS & Disclosure: A Moral Imperative Example

(Posted by adam)
From Silicon.com, "Pressure grows for UK data loss disclosure:"
As a spokeswoman for the Information Commissioner's Office told silicon.com last year: "There is nothing in the Data Protection Act that legally obliges companies to inform customers when these things occur."
But, from the BBC, "Children's details taken in theft:"
Health bosses in Nottinghamshire have issued a warning after a laptop containing information on about 11,000 young children was stolen.
I believe this to be an example of the moral imperative around breach disclosure. There's no legal obligation, but there is an ethical one, and the NHS knows it.

Thanks to Antonomasia for the BBC story; the laptop has since been recovered, but it's unclear if any data was copied.

Posted by adam on April 3, 2007 at 10:28 AM in breach analysis.

Comments

Morality is relative. The NHS may pipe up, after all they cannot lose market share (can they? Ignorant American speaking here). British banks and retailers, OTOH....well, I'll let Ross Anderson do the talking:

"We need a breach reporting law in the UK" -- Ross Anderson, 2007-03-30

Posted by: Chris | April 3, 2007 10:59 AM


The NHS can lose political support and public confidence. That they've chosen to be transparent is good and shows trust in the public.

Posted by: Adam | April 3, 2007 12:52 PM