UK government hit with 1.2 million record-breaking payout over GDPR violation

The UK government has been hit with a record-breaking GDPR fine. The total payout stands at £12 million (approximately $15.1 million), which marks the highest ever penalty handed out by the Information Commissioner's Office (ICO). The fine was issued in response to a significant data breach at the General Healthcare Group (GHG), a company that manages a number of private medical facilities in the UK. The GHG is owned by the UK government, and the breach affected over 1.2 million people. According to the ICO, patient data was exposed during a period spanning over two years, from February 2019 to June 2021. The leak, which was not intentionally caused, involved the GHG's website. The ICO found that the GHG failed to implement proper data protection measures, leading to the unauthorized disclosure of patient data. The ICO noted that the GHG did not have adequate technical and organizational measures in place to protect sensitive patient information. The fine, £12 million, reflects the severity of the breach and the ICO's commitment to enforcing data protection laws. The UK government has accepted the fine and has committed to taking the necessary measures to address these issues and ensure that similar breaches do not occur in the future.