Norfolk & Norwich Hospital pays out £47k following data breaches – BBC.com

A hospital has paid out £47,000 in compensation to five claimants over data breaches.

Norfolk and Norwich University Hospitals NHS Foundation Trust made the payments – the second-highest of any NHS trust in the UK – between 2020 and 2023.

Four of the claims involved patient data and one was a “contractual issue”.

The trust said it took its use of data “extremely seriously” and that breaches were fully investigated so that lessons could be learned.

Freedom of information (FOI) data, obtained by personal injury solicitors firm Legal Expert, found NHS trusts across the UK had paid out £1.5m in data breach claims since 2021.

“Unauthorised access” to personal data was highlighted as the most common breach.

According to the Information Commissioner’s Office, data breaches within the health sector rose by 21% between 2022 and 2023 to 1,949 incidents.

Eleanor Coleman, a data breach specialist at Legal Expert, said: “This rise in the health sector is worrying and we hope that organisations are ensuring that they have sufficient security in place to protect people’s personal information.”

Under the General Data Protection Regulation and the Data Protection Act, organisations such as the NHS can collect, store, use, share and dispose of personal information about individuals, but must have appropriate technical and organisational systems in place to ensure it is kept safe and not inappropriately disclosed to others.

When personal or sensitive data is breached, victims can claim compensation providing certain criteria are met.

A trust spokesperson said: “We follow NHS requirements as set out by the NHS Data Security and Protection Toolkit, of which we are compliant.

“We take our use of data extremely seriously and have a well-established mandatory approach to information governance training for all our staff – without exception.

“Any breach is fully investigated so that lessons can be learned.”

NHS England was approached for comment.


A hospital has paid out £47,000 in compensation to five claimants over data breaches.Norfolk and Norwich University Hospitals NHS Foundation Trust made the payments – the second-highest of any NHS trust in the UK – between 2020 and 2023.Four of the claims involved patient data and one was a “contractual issue”.The trust said it took its use of data “extremely seriously” and that breaches were fully investigated so that lessons could be learned.Freedom of information (FOI) data, obtained by personal injury solicitors firm Legal Expert, found NHS trusts across the UK had paid out £1.5m in data breach claims since…
Norfolk & Norwich Hospital pays out £47k following data breaches – BBC.com
Source: Assent.InfoSec