The Information Commissioner's Office has found a healthcare recruitment agency in breach of the Data Protection Act after it lost doctors' personal data that ended up being sold online.
Healthcare Locums (HCL) first notified the ICO about the breach when it confirmed that a network storage device containing details about doctors' security clearance and their visa information had been sold on an auction website. Neither the device nor the data were encrypted.

HCL's records showed that the hard drive was being transferred from its Skipton branch to its Loughton branch in February 2010 for secure storage prior to decommissioning.

The link for this article located at Network World is no longer available.