The circumstances surrounding the Ed Sheeran hospital data breach is not an uncommon occurrence.
Two members of staff at the Ipswich Hospital were disciplined for illegally accessing Ed Sheeran’s private medical information after he’d sustained injuries from a bicycle accident, with the star suffering from a broken his right wrist and left elbow that led to tour dates being cancelled.
One staff member embroiled in the data breach has been sacked while the other has reportedly received a written warning after being caught accessing Ed Sheeran’s personal details without any reason; but this kind of behaviour is not uncommon.
The act of medical staff illegally accessing medical records and personal details for people they know is a common problem within the NHS. There have been numerous prosecutions by the UK’s data watchdog, the Information Commissioner’s Office (ICO), after healthcare professionals and workers have accessed medical records for people they know.
Whether it’s the data of current or former partners, friends and family, or people they live nearby, a number of NHS workers have lost their jobs and landed themselves in hot water for illegally accessing medical records. In this case, it was the personal records of superstar celebratory that the staff were found to have accessed the personal details of.
Curiosity has ultimately cost one of them their job.
Any access of personal information without authority or reason can be a breach of important data protection legislation. A review into care given to “high profile” patients has reportedly been announced in the wake of the Ed Sheeran hospital data breach to ensure there is not a repeat of the incident in the future.
Snooping on medical records
Staff snooping on the medical records of people they know has led to investigations and warnings from the ICO. The matter is serous, and although many think that there’s nothing wrong with a bit of innocent snooping out of curiosity, it’s actually an act that can lead to you losing your job and facing criminal prosecutions.
It’s clear that the NHS must make sure staff are properly trained and re-trained to ensure healthcare workers know their rights and responsibilities when it comes to the private medical information of the patients under their Trust’s care. It is the NHS’ responsibility to ensure staff are trained and kept up-to-date with relevant legislation, and the staff members’ responsibilities to ensure they uphold their duties.