Hospital staff accessing medical records inappropriately

Hospital staff accessing medical records without any good reason to do so can amount to a serious breach of patient privacy and can allow victims to claim medical data breach compensation.

Any form of inappropriate access to confidential medical data can amount to an abuse of access rights and a breach of the GDPR. Those who have lost control of their personal information arising from such an incident could be eligible to pursue No Win, No Fee data breach claims.

Your Lawyers – The Data Leak Lawyers – are leading privacy claims experts, representing thousands of victims for data cases. We have secured damages for victims who have suffered from such data breach events, and our team is on hand to help anyone affected by an incident of this nature.

What can be classed as inappropriate access to medical records?

Hospital staff accessing medical records must only do so when it is appropriate and is required as part of their employment and part of what they are working on. If a nurse or a doctor needs to access the records of a patient that they are treating, or are involved in helping, this should be fine. However, if there is no reason for hospital staff accessing medical records of a particular patient, that is when it could be deemed as inappropriate.

The most common reason that staff break the rules and engage in such behaviour is when they are looking at the medical records for someone they know. Commonly referred to as “snooping”, this kind of inappropriate medical records access can lead to staff losing their jobs and being criminally prosecuted. The UK’s data watchdog, the Information Commissioner’s Office (ICO), has prosecuted a number of individuals for such offences. They have even been forced to issue generic warnings due to repeat events occurring.

Sometimes, NHS staff have been found to have been looking at troves of medical records for seemingly no reason at all; perhaps through curiosity. We saw this in the mass snooping event that impacted some 2,000 patients in the Greater Manchester area, where we represent a number of claimants affected by this issue.

A recent example: the Nottinghamshire Nurse

In a recent inexcusable example, a Nottinghamshire nurse reportedly accessed the confidential medical records of people she had matched with on a dating website, as well as an ex-partner and their new wife. It is understood that she accessed the information for some 28 separate individuals between August 2017 and December 2019, “without appropriate authority and against Trust policy”.

This kind of blatant data breach is completely unacceptable and is a serious invasion of the victims’ privacy. Those affected could be eligible to pursue a claim for data breach compensation.

Compensation for hospital staff accessing medical records inappropriately

You could be eligible to claim data breach compensation as a victim of hospital staff accessing medical records that belong to you where it was inappropriate to do so. You may be able to claim damages for any distress caused by the loss of control of your personal information, and this can be substantial when it comes to information as personal and sensitive as medical records.

Compensation pay-out amounts can be high for such cases, and a lot of the thousands of people that we represent for data claims have been affected by medical data breach issues. We have already recovered over £1m to date for mostly individual data breach victims with our average, as of the end of 2021, still at just over £6,000 in damages alone that we have won for each claimant. We can also work on a No Win, No Fee basis for eligible clients.

Speak to the team here now for free, no-obligation advice.

Police data breaches in 2020 and 2021

Has a social worker leaked information and breached your confidentiality?