In what Hywel Dda University Health Board admitted to be the second data protection breach they have faced of this nature, yet another NHS worker has been caught accessing confidential medical records without a valid reason.
Instances of NHS workers accessing medical records when they have no reason or right to access them is a common problem at the moment. Most of the time, staff committing the breaches are accessing records for people they know out of nothing more than curiosity.
“Devastated and disappointed”
The health board have said they are “devastated and disappointed” having confirmed that an administrative worker accessed the confidential records for 41 patients. An investigation discovered the breach, and the patients affected have been notified.
It is said to be the second data breach of this nature in the last two years, with the previous one involving a nurse at Glangwili Hospital who accessed the files of over 3,000 patients across a period of two years.
The struggle between access and security
Having readily-accessible NHS medical records can be vital to allow healthcare professionals to do their job quickly and efficiently. Take an accident and emergency scenario where a patient is brought in and their medical history is unknown; the ability to quickly access their records could save their life.
But, such ease of access can come at a cost, and that cost – as is being shown time and time again with staff accessing medical records they shouldn’t be doing – is data security.
Better systems needed
The WannaCry cyber-hack last year was evidence enough that a lot of NHS systems are out-of-date and not secure. But, with better systems, data access and data security can work.
Person-specific access and tracking of data access, and flagging of unusual access, isn’t hard to achieve. If the NHS are to stamp out medical record data protection breaches, they need better systems and better training for staff.
Medical data protection breaches remain the worst
Data protection breaches from cyber-hacks, data leaks or data breaches in the medical sector remain at the top of the pile in terms of numbers.
Aside from the fact that data protection breaches create victims, the primary issue when it comes to medical data breaches is the fact that the data breaches are often very personal and sensitive.
Having your name and address released can be annoying; having your private medical records disclosed can be another matter entirely.
Rights for justice from medical record data protection breaches
You can be entitled to claim for data protection compensation as a victim of a medical data breach.
Whether there is a claim to make or not can depend on how the information was breached, and what information was breached.
Victims do have rights, and we represent a lot of victims of medical data breaches given how often they can occur.