Another NHS worker fined by the ICO for accessing and disclosing information from medical records
unsecured database compensation claims

Another NHS worker fined by the ICO for accessing and disclosing information from medical records

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

On the 11th August 2017 yet another NHS (now former) worker was fined by the Information Commissioner’s Office (ICO) for accessing sensitive health records belonging to family, friends and colleagues without authorisation.

She even disclosed information she found.

Brioney Woolfe worked at Colchester Hospital University NHS Foundation Trust as a Midwifery Assistant. The self-confessed ‘nosy’ midwifery assistant reportedly accessed 29 patient medical records, including the parents of her children’s school friends.

Accessing records illegally

She reportedly accessed files without authorisation, and her actions were discovered when a patient realised Woolfe’s ex-partner knew about their records.

An investigation was opened and Woolfe was found to have accessed medical records belonging to 29 people without permission between December 2014 and May 2016. Of the 29 patients, 23 were women and only two of these were pregnant.

Personal snooping

When answering her crimes, the 28-year-old confessed that whenever her children were invited to a party, she would look up the parents’ details. She maintained her curiosity was never intended to be malicious, but data protection rules mean that, regardless of intention, she still obtained and disclosed personal data without authorisation and therefore breached the Data Protection Act.

Updated training for staff

A spokesman for the hospital said that maternity staff have received updated information training as a result of Wolfe’s actions; leaving some speculation as to whether data protection protocols were perhaps less than sufficient in the first place. He also said:

“It is essential that all NHS organisations use and store patient information appropriately and securely, and we take any breach extremely seriously.”

Unfortunately, this kind of thing just keeps on happening.

The snooping trend…

This recent case comes not long after ICO warnings to workers about not accessing patient records unless they have permission and/or proper reason to do so. The warning also reminds us that even if it is not done maliciously, data protection can still be breached and real consequences can follow. In this case, Woolfe was fined £400 for accessing the sensitive information; £650 for disclosing some of it; £600 for costs; and a £65 victim surcharge.

Although Woolfe reportedly had an ‘unblemished’ record at work, she understandably lost her job of 12 years as a direct result of her actions.

ICO gives stern warnings

Head of Enforcement at the ICO, Steve Eckersley, once again warns about letting personal curiosity get the better of you. Whilst a curious snoop may seem harmless:

“…patients are entitled to have their privacy protected and those who work with sensitive personal data need to know that they can’t just access it or share it with others when they feel like it. The law is clear and the consequences of breaking it can be severe.”

Data protection rules apply to companies, organisations and individuals. Whilst companies and organisations have a responsibility to ensure that information stored and processed is done so in a safe and secure way, individuals cannot flout their own ability to access and abuse information for personal gain or curiosity.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon