NHS patient confidentiality breached 5 times every week

A new Big Brother Watch report reveals how medical information is lost, shared on Facebook and how NHS staff look at each other’s medical records

According to Freedom of Information Act requests, between July 2008 and July 2011 there were at least 806 separate incidents where patient medical records were compromised, highlighted a shocking number of incidents in the NHS where patient medical records were accessed inappropriately.

This included:

  • 23 incidents of patient information being posted on social networking sites
  • 91 incidents of NHS staff looking up details of colleagues
  • 24 NHS Trusts saw confidential information stolen, lost or left behind by staff
  • 44 NHS trusts failed to respond to the Freedom of Information request and 55 Trusts refused to release all or some if the information requested.

Despite these breaches of Data Protection policy, just 102 cases resulted in dismissal of staff.

You can download the report here.

Nick Pickles, director of Big Brother Watch, said: “This research highlights how the NHS is simply not doing enough to ensure confidential patient information is protected.

“The information held in medical records is of huge personal significance and for details to be disclosed, maliciously accessed or lost and these cases represents serious infringements on patient privacy.

“As the summary care record scheme is rolled out and an increasing number of people have access to private patient information, urgent action is needed to ensure that we can be sure our medical records are safe.

“It is essential the NHS is transparent about these incidents and failing or refusing to disclose that a data breach has taken place is unacceptable.”

Speaking at the 10th annual data protection compliance conference in London, Information Commissioner Christopher Graham said data breaches in the NHS continue to be “a major problem”. Of the 47 undertakings the ICO has agreed with organisations that have breached the Data Protection Act since April, over 40 percent (19) were in the healthcare sector.

The research follows on from an earlier Big Brother Watch report ‘Broken Records’, which highlighted how more than 100,000 non-medical personnel working in NHS acute trusts in Britain have access to confidential medical records and comes days after the Commons Justice Select Committee argued courts should have the power to punish people breaching the Data Protection Act with prison sentences, saying fines are an “inadequate” deterrent.

Download the report here.