Check out our animation about keeping your health data secure:
What is an accidental external data breach?
wow
Follow Hannah's story to learn more
START
Hannah recently had her routine cervical smear.
She is waiting for a letter to arrive with her test results.
+ info
CONTINUE
My results haven't arrived
Having waited a long time for her test results, she calls the GP practice to find out where they are.
CONTINUE
The receptionist checks Hannah’s record and realises her test results have been sent to her old address.
Have you recently moved? I think your address information might be out of date.
CONTINUE
Another person may have seen her confidential medical information.
CONTINUE
This is an accidental external breach. Hannah's data has accidentally been put at risk outside of the healthcare system that is caring for her.
CONTINUE
Check if personal information is involved.
Establish what type and how much personal information.
Because there is a likely high risk to Hannah and her data in this situation, the Information Commissioners’ Offic or ICO, require that the GP practice must report the breach to them within 72hrs.
Consider who might have the personal information.
Information Commissioner's Office,
Work out how many people might be affected.
Consider the impact the breach might have on people's lives.
Document everything you know about the breach.
Who regulate and enforce data protection laws in the UK
Assess the risk to the people who's data has been breached.
CONTINUE
The health service involved must immediately inform Hannah of what has happened.
They must also ensure Hannah still receives the test results as soon as possible, to ensure that she is informed and that there is no delay to her getting any care she needs.
If a breach like this happens to your data, you will be notified by the service with information about what
occurred and the process for what happens next.
Her address will be updated to prevent this mistake happening again.
CONTINUE
Health services take many steps to support the security of your data.
Services must review and report on their data security practices in line with clear quality standards.
Provide ongoing data security training to staff.
Appoint specific roles who monitor and advise on data security to health services.
CONTINUE
When it comes to health services, the ICO have an array of tools to regulate how your personal data is looked after...
CONTINUE
Their priority is to support services to make changes and prevent mistakes happening in the future.
In the case of the most serious errors, organisations can receive large fines as a penalty for breaches... but this is a last resort for the public sector as fines would take money out of the health service, which would only put patients at further risk.
CONTINUE
Click the buttons below for more information:
Read the research behind these resources.
Explore ICO information for the public.
Review NHS England guidance on data breaches.
Check out UPD’s health data policy explainers.
Find out how the ICO has been taking action in response to incidents in the health sector.
Check how well specific services perform on data security measures.
Read about an example of new technology improving security.
Learn about some examples of security roles in services.
Got an idea?
Let the communication flow!
With Genially templates, you can include visual resources to wow your audience. You can also highlight a particular sentence or piece of information so that it sticks in your audience’s minds, or even embed external content to surprise them: Whatever you like! Do you need more reasons to create dynamic content? No problem! 90% of the information we assimilate is received through sight and, what’s more, we retain 42% more information when the content moves.
- Generate experiences with your content.
- It’s got the Wow effect. Very Wow.
- Make sure your audience remembers the message.
Accidental external data breach v1
Lauren McDonald
Created on September 19, 2025
Start designing with a free template
Discover more than 1500 professional designs like these:
View
Terrazzo Presentation
View
Visual Presentation
View
Relaxing Presentation
View
Modern Presentation
View
Colorful Presentation
View
Modular Structure Presentation
View
Chromatic Presentation
Explore all templates
Transcript
Check out our animation about keeping your health data secure:
What is an accidental external data breach?
wow
Follow Hannah's story to learn more
START
Hannah recently had her routine cervical smear. She is waiting for a letter to arrive with her test results.
+ info
CONTINUE
My results haven't arrived
Having waited a long time for her test results, she calls the GP practice to find out where they are.
CONTINUE
The receptionist checks Hannah’s record and realises her test results have been sent to her old address.
Have you recently moved? I think your address information might be out of date.
CONTINUE
Another person may have seen her confidential medical information.
CONTINUE
This is an accidental external breach. Hannah's data has accidentally been put at risk outside of the healthcare system that is caring for her.
CONTINUE
Check if personal information is involved.
Establish what type and how much personal information.
Because there is a likely high risk to Hannah and her data in this situation, the Information Commissioners’ Offic or ICO, require that the GP practice must report the breach to them within 72hrs.
Consider who might have the personal information.
Information Commissioner's Office,
Work out how many people might be affected.
Consider the impact the breach might have on people's lives.
Document everything you know about the breach.
Who regulate and enforce data protection laws in the UK
Assess the risk to the people who's data has been breached.
CONTINUE
The health service involved must immediately inform Hannah of what has happened.
They must also ensure Hannah still receives the test results as soon as possible, to ensure that she is informed and that there is no delay to her getting any care she needs.
If a breach like this happens to your data, you will be notified by the service with information about what occurred and the process for what happens next.
Her address will be updated to prevent this mistake happening again.
CONTINUE
Health services take many steps to support the security of your data.
Services must review and report on their data security practices in line with clear quality standards.
Provide ongoing data security training to staff.
Appoint specific roles who monitor and advise on data security to health services.
CONTINUE
When it comes to health services, the ICO have an array of tools to regulate how your personal data is looked after...
CONTINUE
Their priority is to support services to make changes and prevent mistakes happening in the future.
In the case of the most serious errors, organisations can receive large fines as a penalty for breaches... but this is a last resort for the public sector as fines would take money out of the health service, which would only put patients at further risk.
CONTINUE
Click the buttons below for more information:
Read the research behind these resources.
Explore ICO information for the public.
Review NHS England guidance on data breaches.
Check out UPD’s health data policy explainers.
Find out how the ICO has been taking action in response to incidents in the health sector.
Check how well specific services perform on data security measures.
Read about an example of new technology improving security.
Learn about some examples of security roles in services.
Got an idea?
Let the communication flow!
With Genially templates, you can include visual resources to wow your audience. You can also highlight a particular sentence or piece of information so that it sticks in your audience’s minds, or even embed external content to surprise them: Whatever you like! Do you need more reasons to create dynamic content? No problem! 90% of the information we assimilate is received through sight and, what’s more, we retain 42% more information when the content moves.