Dangers from within? Looking inwards at the role of maladministration as the leading cause of health data breaches in the UK

Leslie Stevens, Christine Dobbs, Kerina H. Jones, Graeme Laurie

Research output: Chapter in Book/Report/Conference proceedingChapter (peer-reviewed)peer-review

Abstract / Description of output

Despite the continuing rise of data breaches in the United Kingdom’s health sector there remains little evidence or understanding of the key causal factors leading to the misuse of health data and therefore uncertainty remains as to the best means of prevention and mitigation. Furthermore, in light of the forthcoming General Data Protection Regulation, the stakes are higher and pressure will continue to increase for organisations to adopt more robust approaches to information governance. This chapter builds upon the authors’ 2014 report commissioned by the United Kingdom’s Nuffield Council on Bioethics and Wellcome Trust’s Expert Advisory Group on Data Access, which uncovered evidence of harm from the processing of health and biomedical data. One of the review’s key findings was identifying maladministration (characterised as the epitome of poor information governance practices) as the number one cause for data breach incidents. The chapter uses a case study approach to extend the work and provide novel analysis of maladministration and its role as a leading cause of data breaches. Through these analyses we examine the extent of avoidability of such incidents and the crucial role of good governance in the prevention of data breaches. The findings suggest a refocus of attention on insider behaviours is required, as opposed to, but not excluding, the dominant conceptualisations of data misuse characterised by more publicised (and sensationalised) incidents involving third-party hackers.

Original languageEnglish
Title of host publicationData Protection and Privacy
Subtitle of host publication(In)visibilities and Infrastructures
Number of pages29
ISBN (Electronic)978-3-319-50796-5
ISBN (Print)978-3-319-50795-8
Publication statusPublished - 2017
EventComputers, Privacy & Data Protection 2016 - Brussels, Belgium
Duration: 27 Jan 201629 Jan 2016

Publication series

NameLaw, Governance and Technology Series


ConferenceComputers, Privacy & Data Protection 2016

Keywords / Materials (for Non-textual outputs)

  • privacy
  • information governance
  • data breach
  • data security
  • patient data
  • harm


Dive into the research topics of 'Dangers from within? Looking inwards at the role of maladministration as the leading cause of health data breaches in the UK'. Together they form a unique fingerprint.

Cite this