Belfast Telegraph

Home News UK

NHS patient data 'put on Facebook'

Personal details, including a photograph of a patient, have been put on Facebook as the confidentiality of NHS records is breached five times every week, figures show.

There were more than 800 incidents where the laws protecting the privacy of patient records were breached over the last three years by more than 150 NHS trusts, a report by the campaign group Big Brother Watch showed.

In one instance at the Nottingham University Hospital NHS Trust, a member of medical staff was dismissed after posting a picture of a patient on the popular social networking site.

It comes after the Commons Justice Select Committee and the Information Commissioner Christopher Graham said tougher powers were needed so that those who break data protection laws and obtain personal details by deception could be jailed.

The figures, released following a Freedom of Information Act request, showed there were at least 806 incidents in 152 NHS trusts where NHS employees breached data protection policies between July 2008 and July 2011 - more than five a week.

These included 23 incidents where NHS staff were found to have posted confidential medical information on social networking sites, either mentioning a patient's name, commenting on them or sharing details from their confidential records.

There were more than 90 incidents where NHS employees inappropriately accessed or used the private medical information of their colleagues, and more than 30 incidents where they looked up family members, the figures showed. Their actions led to a total of 102 NHS staff being sacked.

Nick Pickles, director of Big Brother Watch, said: "This research highlights how the NHS is simply not doing enough to ensure confidential patient information is protected. Urgent action is needed to ensure that we can be sure our medical records are safe."

A spokesman for the Information Commissioner's Office said: "We continue to work with organisations from across the NHS to improve the security of patients' information and will consider taking action where it is clear that an organisation has failed to meet its legal obligations."

Health Minister Simon Burns said: "We have issued clear standards and guidance to the NHS about what needs to be done to keep patient records secure and confidential. Individual NHS organisations are responsible for ensuring their staff understand and follow that guidance."


From Belfast Telegraph