Addenbrooke’s Hospital data breach fine

The Information Commissioner’s Office (ICO) has issued a fine in the wake of a documentary that was filmed that led to the Addenbrooke’s Hospital data breach relating to patient consent.

London-based production company behind the filming, True Visions Productions (TVP), were fined £120,000.00 for unlawfully filming in a maternity clinic. As the incidents took place before GDPR, they have been fined in accordance with the previous rules where maximum fines could reach up to £500,000.00; unlike the recent record-setting fine of £183m issued to British Airways.

Filming took place between 24th July 2017 and 29th November 2017 and ceased following complaints received by the ICO. The ICO said: “A patient attending the clinic would not have reasonably expected there to be cameras in examination rooms and would expect to be made aware of any filming.”

About the Addenbrooke’s Hospital data breach

The Addenbrooke’s Hospital data breach stemmed from the use of static, fixed CCTV-style cameras and microphones that had been placed in three out of the four rooms of Clinic 23 at the Maternity Assessment Unit at the hospital.

The ICO estimates that there may have been as many as 1,990 people who were filmed, based on an average of five patients being seen per day.

How did True Visions Productions (TVP) break the law?

The Addenbrooke’s Hospital data breach issue is all about consent. Although TVP had permission from the Cambridge University Hospitals NHS Foundation Trust to film on site, they failed to acquire proper consent from the people they were filming.

The ICO’s investigations confirmed that:

No advanced consent was obtained from patients being filmed;
Patients were not specifically informed about the filming and the documentary;
If a patient became aware of the filming and objected to being filmed, there was no way of the cameras being stopped, and they had no stop buttons on them. The only alternative was to cover the cameras or use the only room that did not contain cameras. However, on at least one occasion, the singular room not being filmed was not available for use.

TVP were also reportedly not on site at all times during the documentary filming which has led to additional criticism.

In terms of informing patients and visitors about the filming, TVP posted notices in the vicinity of the cameras, and left generalised letters in waiting rooms. We understand that the note stated that “no mums or visitors will be filmed without permission”, which the ICO confirmed was “not accurate”.

Further, the letters failed to explain that any patient or visitor that did not want to be filmed will need to request to use the only room without cameras in it.

The ICO concluded that a patient would reasonably expect that this kind of filming would be clearly brought to their attention. Because TVP failed to acquire proper consent and failed to adequately draw people’s attention to the filming, they were found in breach of important data protection laws.

The ICO also considered their behaviour to not be consistent with the Broadcasting Code as well.

A serious incident

We cannot ignore that the Addenbrooke’s Hospital data breach took place in an intimate and often traumatic environment.

The Maternity Assessment Unit at the hospital would have been used by patients in need of information and medical assistance for matters that are very personal and incredibly sensitive. There may have been patients suffering with extreme stress and anxiety, whether due to pregnancy in general, or where there are complications.

The filming of the documentary will likely have captured intimate moments during times of severe trauma. The subject of the TVP documentary was about stillbirths, and those are the kinds of moments that the cameras would have captured.

A similar action we settled

We previously represented a group of people who had been secretly filmed as part of a whistle-blower’s efforts to uncover poor dental practises which led to the biggest dental recall in NHS history.

Poor hygiene practices and failures to adhere to cross-contamination protocols was secretly filmed by a whistle-blower to expose his behaviour. Although the whistle-blower’s intentions were of course honourable, the patients did not consent to them being filmed during intimate dental appointments.

We settled cases, and victims we represented on a No Win, No Fee basis were awarded compensation.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.

Create A Call Back

Information on how we handle your data is available in our Privacy Policy.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.