Question to the Department of Health and Social Care:

To ask the Secretary of State for Health and Social Care, what information he holds on the number of data breaches of patient information in the NHS in the last year.

This information is not collected centrally. There is no requirement for National Health Service organisations to report patient data breaches to the Department.

Under the UK General Data Protection Regulation, if a personal data breach occurs, the responsible body must establish if there is a risk to people’s rights and freedoms, and if so, notify the Information Commissioner’s Office.