NHS trust fined for HIV data breach

Chelsea and Westminster Hospital NHS Foundation Trust has been fined £180,000 after it accidentally revealed the emails of HIV patients and was judged to have breached the Data Protection Act.

 

One of Soho’s most frequented and well known sexual health clinics, 56 Dean Street, unwittingly revealed the private emails of over 700 HIV patients in an email newsletter.

Reportedly due to an error, recipients of the newsletter could see the email addresses of fellow HIV patients as they had been incorrectly entered into the ‘to’ field, rather than the ‘bcc’ field.

730 of the 781 email addresses contained people’s full name, including some patients who did not actually have HIV.

The Information Commissioner’s Office (ICO) found there had been a “serious breach of the Data Protection Act, which was likely to have caused substantial distress.”

Christopher Graham, Information Commissioner explained that “the law demands this type of information is handled with particular care following clear rules, and put simply, this did not happen.” Adding that the clinic “served a small area of London, and we know that people recognised other names on the list, and feared their own name would be recognised too.”

In March 2010, the ICO found that the same NHS Trust had previously made a similar error when a member of staff in the pharmacy department sent a questionnaire to 17 patients. Likewise, the member of staff entered emails into the ‘to’ field instead of the ‘bcc’ field.

For this reason, Graham said “our investigation found this wasn’t the first mistake of this type by the Trust” which “only adds to what was a serious breach of the law.”

HM Treasury’s Consolidated Fund will receive the full £180,000.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s