The NHS has been at the center of a number of data breach scandals. Recently, subsidiaries of the NHS have been fined for losing patient information, for data ending up in the wrong hands, and for not encrypting or securing data. And this is not all. Repeated failings have brought doubt over the agency’s ability to effectively protect patients’ sensitive information. In this document, you can find all the details of these failings to legally comply and a lesson to be learned.