More access of patient records without authorisation in the NHS
ico warn nhs staff over accessing medical records

More access of patient records without authorisation in the NHS

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

There has been another prosecution over the access of patient records without authorisation in the NHS.

The UK’s Information Commissioner’s Office (ICO) has fined and prosecuted Michelle Harrison, formerly employed by Milton Keynes Hospital Trust, for accessing patient records without authorisation. Harrison reportedly pleaded guilty to improperly accessing the records of 12 people without any need or authorisation to do so.

This prosecution is the latest in a long line the ICO has had to enforce against NHS staff accessing medical records when they shouldn’t be.

Harrison has been fined hundreds of pounds as a result of the breaches that were committed between March 2016 and January 2017, while she was employed as a receptionist by Milton Keynes University Hospital NHS Foundation Trust. The records she accessed included those of an ex-partner and a woman who has alleged that Harrison used the medical data she accessed to harass her.

Harrison pleaded guilty to the charges.

An ongoing problem

Access to NHS medical records can be key for NHS staff to be able to make better decisions and act quickly when needed where they have fast access to vital patient data. On the flip side, this ease of access when it comes to medical data has led to a spate of improper access incidents like this one here.

Harrison really is the latest in a very long line of NHS staff who have lost their jobs and been prosecuted by the ICO for improperly accessing medical records; usually for people they know or live near. It’s a problem the NHS needs to stamp out, which could be done with far better training, auditing of access, and restrictions for some staff (like administration staff) being able to access records willingly.

All NHS patients have a right to privacy, and sensitive and confidential medical information should only be accessed and available for when it’s actually needed. Improper access like this not only compromises the patient’s right to privacy, but it also undermines the NHS itself, and once data has been revealed or compromised there’s little that can be done to reverse the damage in many instances.

Although some may argue that these employees who are improperly accessing medical records are going above and beyond their station in doing so, better training and auditing can stamp this out. If staff know their access to records will be clearly tracked and that improper access to medical records will lead to prosecution, we would expect these scenarios to drastically fall. In addition, more technology to restrict improper access can be utilised as well.

Unless we see these kinds of much-needed changes, the NHS are left exposed to medical data breach compensation claims when staff improperly access medical records without authorisation.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon