BBC News

NHS has repeated data breaches

image copyrightSPL

There are nearly 2,500 breaches of confidentiality by the NHS each year, according to an investigation by a privacy campaign group.

Big Brother Watch discovered cases of private data being stolen, accidentally sent by post or fax as well as inappropriate posting on social media.

In total, there were 7,255 recorded incidents between April 2011 and April 2014.

The organisation said the mistakes were "unacceptable".

Big Brother Watch asked NHS trusts for any breaches of personal data.

It found:

  • 50 cases of data being posted on social media
  • 103 cases of data being lost or stolen
  • 251 cases of data being inappropriately shared with a third party
  • 236 cases of data being shared by email, letter or fax

There were 61 resignations as a result, according to the data supplied by the NHS Trusts.

In June, it emerged that the personal data of thousands of ambulance service staff had been accidentally published online.

'Completely unacceptable'

Emma Carr, the director of Big Brother Watch, told the BBC: "We're not saying this is an epidemic, but it is important that this kind of report is put in the public domain as more and more people have access to medical records.

"Overall their record is good, they're dealing with incredible amounts of information and the scale of people accessing it is unprecedented."

She added: "The information held in medical records is of huge personal significance and for details to be wrongly disclosed, maliciously accessed or lost, is completely unacceptable.

"Urgent action is therefore needed to ensure that medical records are kept safe and the worst data breaches are taken seriously."

South West Yorkshire Partnership NHS Foundation Trust had the most breaches with 869. The vast majority of cases resulted in no disciplinary action.

Staff mistakes

Dawn Stephenson, director of corporate development at South West Yorkshire Partnership NHS Foundation Trust, said: "The Trust takes its information governance duties very seriously and all staff undertake annual mandatory training as a minimum.

"We operate in an open and transparent way and encourage reporting of breaches, however minor, as a means of shared learning.

"Most breaches are as a result of mistakes made by members of staff with no or very minor consequence.

"In such cases, members of staff are supported through additional training and supervision.

"The Trust has dealt with all cases appropriately including a small number where disciplinary action was taken."

Big Brother Watch is calling for better training within the NHS and for custodial sentences for the worst offenders.

A spokesperson for NHS England said: "Patient confidentiality is an absolute right and crucial to the doctor patient relationship.

"The NHS has a culture of reporting and investigating data breaches to ensure lesson are learnt.

"We are always looking to improve the management, security and confidentiality of patient information in the context of providing health services to an entire population."

Related Topics

  • NHS

More on this story

  • NHS plans 'kitemark' for health apps