The NHS has been fined £180,000 following inappropriate leaks at a sexual health centre.
Details of around 800 patients who had attended HIV clinics where accidentally released.
The 56 Dean Street clinic in London sent out a newsletter in 2015 that mistakenly revealed the recipients’ email addresses to one another.
It had been intended at the time for the email to be distributed in a blind-copy sense, but instead details were unfortunately distributed as a group email.
The Information Commissioner has described what was a genuine error as a “serious breach of the law”.
And Information Commissioner Christopher Graham indicated that although there had been no deliberate intention to breach privacy, the verdict reached by the commission was entirely appropriate and proportionate.
“People’s use of a specialist service at a sexual health clinic is clearly sensitive personal data. The law demands this type of information is handled with particular care following clear rules and, put simply, this did not happen. It is clear that this breach caused a great deal of upset to the people affected.”
The initial email error had been made back in September 2015, and has been revealed almost instantly due to the reaction of those that received it.
And the clinic had been forced to concede at the time that it was a major oversight, and one that indeed deserved some form of retribution.
At the time, the clinic’s consultant Dr Alan McOwan had stated quite openly that the clinic had “screwed up on this one”.
“The clinic served a small area of London and we know that people recognised other names on the list, and feared their own name would be recognised too,” the aforementioned Graham noted.
Following an investigation into the subject, the Information Commissioner’s Office also discovered that the Chelsea and Westminster Hospital NHS Foundation Trust, which operates 56 Dean Street, had made another similar error six years ago.
“That our investigation found this wasn’t the first mistake of this type by the Trust only adds to what was a serious breach of the law,” Graham confirmed.
Responding to the decision of the commission, the Trust’s Medical Director Zoe Penn acknowledged that this had been a major oversight from the clinic, and indicated that processes and procedures at the organisation have been updated in order to avoid further embarrassment in the future.
“We fully accept the ruling of the ICO for what was a serious breach and we have worked to ensure that it can never happen again. I reiterate my apology to all those that were affected by this incident. We have kept in touch with affected individuals, with their consent, to update them on the actions we have and will continue to take in order to prevent others from being put in a similar situation in the future.”