A hospital has reportedly sent the wrong medical records detailing the miscarriage data of another patient.
Liverpool Women’s Hospital were supposed to send a patient her medical records after she suffered a miscarriage at the hospital. As well as sending her own records, they somehow managed to send the medical data of another patient with the hospital notes as well.
The medical data breached in this incident included the patient’s name, address, data of birth, NHS number and notes about treatment they had received at the hospital for a miscarriage
The breached medical data the hospital sent by mistake reportedly included detailed notes about a very sensitive medical issue, including scan results and procedures to take place. The patient who received the information for the other patient said that the experience of finding someone else’s notes detailing what must be a traumatic time for the data breach victim brought back painful memories of her own miscarriage.
Liverpool Women’s Hospital will need to contact the patient whose medical data was leaked, and the victim of the medical data breach is entitled to seek their own legal advice for what has happened. Further, the incident will need to be reported to the Information Commissioner’s Office (ICO) by the hospital as well.
In response to the medical data breach, a spokesperson for the Liverpool Women’s Hospital said:
“We take patient confidentiality extremely seriously at Liverpool Women’s and any reports of issues on how we handle our patient information is investigated thoroughly.”
She went on to say that the hospital is: “still establishing how this happened and what measures we will put in place to ensure it does not happen again through an internal investigation.”
The seriousness of hospital data breaches
This is another example of how serious a hospital data breach can be. We have seen the private and sensitive medical information for a patient, who we assume has been going through a very traumatic time given the nature of the medical data disclosed, leaked to someone else.
Although we are not yet aware as to how the hospital managed to accidentally leak the medical data in the first place, it’s another worrying reminder that these kinds of hospital data breaches are happening all the time, and they must be stopped.
A huge proportion of the data breach victims we act for have had their medical data breached. The healthcare sector remains at the top in terms of the most breached data.
The new GDPR that came into force last month could lead to far higher penalties and fines for data breach offenders, which means the NHS must ensure the do more to prevent medical data leaks and breaches.