Research suggests NHS continually breaks data laws


According to new research, patient records held by the NHS are in breach of data laws on a regular basis, as files are lost or distributed in violation of data protection legislation.

Big Brother Watch, a civil liberties group, conducted the sampling of a range of UK NHS trusts through the Freedom of Information Act. They recorded 7,255 violations of data protection rules in three years, with approximately 50 cases of data being shared on a social media platform.

The report recorded data violations such as administrative errors causing mix-ups between patients and their record, as well as data being sent by mistake to private companies; medical files were left unattended both in the trust premises and in public places, with computers disposed of without having had full memory wipes so that data could still be extracted.

The study also found 143 instances of NHS staff viewing patients’ records for “personal reasons”.

Director of the privacy group, Emma Carr, said, “the information held in medical records is of huge personal significance and for details to be wrongly disclosed, maliciously accessed or lost is completely unacceptable. With an increasing number of people having access to patients’ information, the threat of data breaches will only get worse.”

Urgent action is therefore needed to ensure that medical records are kept safe and the worst data breaches are taken seriously.”

If the government wants to introduce new schemes which will make the public’s data more accessible, then this must go hand in hand with greater penalties for those who abuse that access. This should include the threat of jail time and a criminal record.”

Three separate trusts each recorded over 500 violations of patients’ data, with South West Yorkshire Partnership NHS Foundation Trust (Mental Health) the worst performing in the survey, being accountable for 869 breaches of data protection.

Related reading