Yet another NHS worker fined for accessing sensitive medical records without authorisation
healthcare data breaches

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Yet another NHS worker fined for accessing sensitive medical records without authorisation

It seems the NHS can’t keep its staff under control as yet another worker has been found guilty of accessing sensitive medical records without authorisation.

Linda Reeves reportedly abused her position as a former data coordinator with access to the Trust’s patient database by rifling through medical records belonging to colleagues, friends and neighbours. She did not have any consent or authorisation from patients or her employer as the data controller.

Reeves has since resigned from her job at The University Hospitals of North Midlands NHS Trust.

What happened?

The North Staffordshire Justice Centre was told that from October 2014 to April 2016, Reeves had accessed 398 patient records without permission. Reeves’ lawyer, Tony Cooke, defended her actions as being without malicious intent, noting her personality as “just plain nosy and looked at things that caught her imagination and interest.”

Further comment read:

“She tells me she has been stupid. She did it out of ignorance, not knowing that she was getting herself into. She knows she’s been reckless but I don’t think anyone can say she acted with malice. She felt she had to leave the NHS after these allegations.”

Sadly for Reeves, ignorance of the law is not a defence, and will not alleviate any potential damage caused.

NHS look to repair trust

Medical director at the NHS hospital, John Oxtoby, spoke about the incident in hopes of repairing trust in the NHS, noting that staff are “aware that confidentiality is of the utmost importance and that unauthorised access to patient records is not acceptable and will lead to disciplinary action. There are strict protocols that they must follow and I am confident that almost without exception our staff can be fully trusted to respect the privacy of our patients.”

Unfortunately, it appears that the NHS have a while to go yet before they can ensure their data security protocols are airtight.

Regulators’ involvement

The Information Commissioner’s office was notified of Reeves’ data breach and issued a fine of £700.00 after she pleaded guilty to charges. Reeves will also need to pay an additional £364.08 in costs and a victim surcharge of £70.00 as well. In this case, curiosity has come at the cost of over £1,000.00 and the loss of a career.

A worryingly common occurrence…

The fine comes just weeks after the ICO published a warning to curious employees over the consequences of snooping on personal data without authorisation. Cooke’s words illustrate how easy it is to give in to temptations of having a peek here and there to satisfy your curiosity. Employees may think there is nothing wrong with having a little look, but for the data subject, it’s not nice.

In response to the conviction an ICO spokesperson stated:

“People need to stop and think about the consequences before accessing personal information out of curiosity… It is against the law to access medical records containing personal data without a business purpose to do so. The law is clear and the consequences of breaking it can be severe.”

Eight fines in the past year alone…

The ICO has fined eight healthcare workers in the past year alone for snooping on medical records belonging to friends, family, colleagues and neighbours. The ICO continue to emphasise the importance of respecting someone’s right to privacy:

“Patients are entitled to have their privacy protected and those who work with sensitive personal data need to know that they can’t just access it or share it with others when they feel like it.”

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon