There has been a Heart of England NHS data breach incident, and it’s yet another case of an NHS employee snooping on the personal data of people they know.
We’ve spoken out about the issue of NHS employees abusing their rights to access medical data a lot recently. The Information Commissioner’s Office (ICO) – the UK’s data watchdog – has prosecuted a number of offenders for such actions. They’ve also had to send out warnings to staff about their responsibilities and the punishments they can face when it comes to this kind of behaviour.
A large volume of the cases we represent people for are NHS data breach compensation claims, so hearing of these kinds of incidents isn’t surprising.
About the Heart of England NHS data breach incident
Birmingham Magistrates’ Court has fined a 32-year-old employee at the centre of the Heart of England NHS data breach incident. The employee in question, Faye Caughey, is said to have unlawfully accessed the personal data of 14 people between February 2017 and August 2017.
She was authorised to access records using the Trust’s CareFirst and iCare systems, but it transpires she abused her right of access. It’s understood that she accessed the data for seven children and seven family members who were known to her.
Guilty plea in the Heart of England NHS data breach case
The outcome of the Heart of England NHS data breach court case is that Caughey pleaded guilty earlier this month and has been ordered to pay fines and costs of over £1,600.00. It’s unclear as to whether she has lost her job as a result of the incident, although it’s typical for employment contracts to be terminated when this happens.
This is yet another case of an NHS employee snooping on medical data they have no need to access but have the power to view. Although accessible medical data access is vital for many NHS staff, there has to be clear protocols and systems in place to prevent people from snooping on records they’ve no right to be looking at.
NHS data breach compensation claims are one of the most common types of cases we help people with. We’re representing a number of people whose rights to privacy when it comes to medical records has been breached, including for medical records snooping.
In a statement, the ICO has again warned that action will be taken when people are found guilty of breaking the law. It read:
“People expect that their personal information will be treated with respect and privacy. Unfortunately, there are those who abuse their position of trust and the ICO will take action against them for breaking data protection laws.”