A former GP practice manager has been fined for sending personal data to her own email account without authorisation, following an investigation by the Information Commissioner’s Office (ICO).

Shamim Sadiq worked at Hollybrook Medical Centre in Littleover, Derby, but was suspended on 3 November 2017 for unrelated matters and dismissed later that month.

Sadiq, of Carlton Road, Derby, admitted unlawfully accessing personal data and was fined £120, plus £364 costs and a victim surcharge of £30. Due to the timing of the incident, the defendant was prosecuted under section 55 of the Data Protection Act 1998 and not the new Data Protection Act 2018.