NHS Highland rapped over data breach affecting HIV patients

The UK Information Commissioner’s Office (ICO) has reprimanded NHS Highland for a serious data breach involving patients likely using HIV services. The breach occurred when someone in the organisation wrongly copied email addresses into the carbon copy field instead of the blind carbon copy field. Although not fined, NHS Highland have been told there was “no excuse” for the breach, and they have subsequently changed their email domain and apologised to those affected.