London Clinic Fined £180,000 for Revealing Service Users’ Names

Blog > All > London Clinic Fined £180,000 for Revealing Service Users’ Names

Patients and service users at a London-based sexual health clinic have been left in significant distress as it has been announced that their confidential information had been accidentally released.

 

A staff error has resulted in a £180,000 fine for the clinic, when addresses were wrongly “to” field instead of the “bcc” field when sending a September issue of their newsletter. Chelsea and Westminster hospital NHS foundation trust, which runs the London clinic, received the substantial fine after the Information Commissioner’s Office discovered the serious breach to the Data Protection Act and Patient Confidentiality.  As a result of the expensive error, anyone receiving the letter could see the email addresses of all other recipients. Moreover, 730 of the 781 email addresses in which the newsletter went out to, contained recipients’ full names.

Patients have consequently been left understandably terrified that the incident could leave them open to blackmail and public outing. As information commissions Christopher Graham explained, it is “clear that this breach caused a great deal of upset to the people affected”. Due to the localised nature of the clinic, it only serves a very small-scale radius of patients, meaning that many patients claimed to have recognised other people’s names on the lists, and feared that their own names would be recognised too.

Furthermore, what makes this incidents so much more unacceptable is the fact that the trust failed to learn from their previous errors, as it was revealed that a previous major breach in patient confidentiality was brought to light in 2010 when the pharmacy department send a questionnaire to 17 patients in relation to their HIV treatment, meaning recipients could see who else was attaché din the email and everyone else could see their email address.

Understandably, many patients are now taking legal action against the clinic for the distress that they have suffered as a result of the data breach. Sean Humber, a lawyer who is acting for more than 20 of the affected patients, claims that this is one of the most serious cases he has seen is over 20 years.

 

Data Protection is vital to maintaining customer trust. Here at XPO confidentiality and customer assurance is our main priority. We offer a service that customers can have confidence and trust in.

“XPO have always provided a Reliable, efficient and easy to use service. Always on time and professional with the disposal of equipment.”

– Property Consultant, Birmingham Property Consultancy

 

See full article:

https://www.theguardian.com/technology/2016/may/09/london-hiv-clinic-fined-180000-for-revealing-service-users-names

The author: XPO
No comments to read

Leave a Reply

Your email address will not be published. Required fields are marked *