THE trust that runs Whiston Hospital reported itself to the Information Commissioner’s Office (ICO) following a data leak, it has been revealed.

Francis Andrews, assistant medical director at St Helens and Knowsley Teaching Hospitals NHS Trust, told members of the board that the incident was “regrettable”.

Speaking at the board meeting, he said the leak, which occured in the last financial year, related to “personal details” of its employees that was inadvertently sent to other employees.

Mr Andrews said the trust acted swiftly to address the leak and then reported itself to the ICO.

“The ICO returned to the Trust with the decision that the incident warranted no further action from them in their role as the regulatory body for data protection,” it says in the Trust’s information governance annual report.

“This was due to the Trust’s comprehensive response to the incident.

“Steps were also taken to minimalise the chance of similar incidents occurring the future.”

Christine Walters, director of informatics, told the board the Trust took the leak “very seriously”.

She said the ICO were happy with the Trust’s quick response to the incident.

Mr Andrews also updated the board on the Trust’s compliance with the EU’s General Data Protection Regulation (GDPR) legislation, which came into force last week.

He said the Trust is not fully compliant with the new regulations due to detailed guidance from the ICO only being published in recent weeks.

A GDPR action plan has been developed to make sure the Trust is fully compliant with the new legislation.

Ms Walters said the ICO does not expect organisations to be fully compliant just yet and added that the NHS is “well-placed” compared to some private organisations.

She said: “If the ICO were to come in now we could provide the evidence that we are taking it seriously and appropriately.”