Comment Re:so they got an anti-abortion judge (Score 1) 104
I may be wrong on this, but in the US, HIPAA would rule the day on such a case, no? That would mean that 200k Pounds Sterling would be a wee drop in the bucket compared to the fine such an organization would face here should it face a data leak of that magnitude.
You're making substantial assumptions about what kind of teeth HIPAA has. When I worked at a medical software company -- wherein I was directly responsible for systems handling patient data, went through HIPAA training, and worked directly with our HIPAA compliance officer to determine technical measures -- it was damned near toothless; what we spent hiring said officer and taking said measures was much more than we would have been fined for a single breach. (We wouldn't have been able to sell the system or satisfy investors unless we could pass an audit, so it was the right business decision to make, but much of what our compliance officer told us was how much work we didn't have to do; the actual compliance requirements often fell far short of what I considered best practices.)