NHS Trusts and Hospitals control and process highly sensitive and personal patient data, and  have a duty to keep that data safe and secure. And, for the most part, they do. However,  DRM Legal receive a steady flow of enquiries regarding data breaches by hospitals and other health providers.

These breaches can happen as a result of “human error” – often due to inadequate staff training, staff mistakes or negligence. Or, even worse, they may be the result of malicious actions by hospital employees. The ICO frequently report the penalties imposed on hospitals as a result of data breaches.

We have seen first-hand how profoundly distressing data breaches by hospitals can be.

We have helped clients in the following instances:

  • The medical data of our client was shared with a person with the same name, but different date of birth
  • Data rights were breached by sending the medical information by post to the wrong address
  • The hospital sent the personal data of a client to the wrong GP
  • Our client had his medical data published without his consent
  • The mother of our client’s ex-partner was working at the hospital and gained unauthorised access to our client’s medical records.

It is understandable why each and everyone of us wants to keep our medical personal data private. Sadly, when a medical data breach occurs, the information is out there and it cannot be unexposed.

Patients, quite rightly, expect heath providers to keep their medical records safe and secure, and this is particularly so if the patient has a medical condition of a sensitive nature.  If you think a hospital or heath provider has misused your medical data get in touch with one of our solicitors here at DRM Legal and we will advise you if you are eligible to make a claim for compensation.