Nature of the Data Security Failures
The company failed to implement appropriate technical and organisational measures to safeguard patient information. Confidential documents were stored in unlocked containers and bags in an unsecured location, exposing them to loss, damage, and unauthorised access.