Greater Manchester NHS Data Breach - Thousands Of Patients Hit By Data Breach

Widespread Unauthorised Medical Records Access In Greater Manchester

The Wrightington, Wigan and Leigh NHS Foundation Trust has written to over 2,000 patients to confirm that their medical records have been inappropriately accessed.

The data breaches are reported to have taken place over an 18-month period and were discovered following an investigation that followed a patient complaint.

The UK’s data regulator, the Information Commissioner’s Office (ICO), has been informed about the data breaches. A GDPR fine may be issued in the future, which could be substantial if they deem the Trust’s policies and procedures for data protection to be inadequate. Victims can also be entitled to make a claim for data breach compensation, which we advise about below.

The Trust has written to patients whose medical records have been subjected to the unauthorised access. In some cases, patient records have been accessed on single occasions, whereas others have had their information inappropriately accessed on multiple occasions, and / or for prolonged periods of time.

The Trust has offered their “sincerest apologies” over the data breaches. Worryingly, the perpetrators responsible for the unauthorised access have not yet been identified.

An “Extremely Alarming” Event

It has yet to be confirmed why members of staff have been accessing medical records for individuals who were not under their care.

In our experience, NHS staff committing such data breaches usually know the patients that they look at the records for, with the victims often current and former partners, relatives, friends, neighbours, etc. These kinds of snooping incidents have resulted in several prosecutions from the ICO, and general warnings issued to remind NHS employees that unlawfully accessing patient records is an offence.

In the Greater Manchester case here, we could be looking at several cases of NHS employees accessing the records for people they know. If the systems that the Trust has in place does not control this kind of behaviour, we could be looking at a wide-scale example of data snooping, which is extremely alarming.

We will be keeping a close eye on the developments of the investigations in terms of identifying exactly why so many patients’ medical records have been inappropriately accessed, and the reasons as to why staff have accessed the information. Until we know the full facts after a thorough investigation, we can only speculate at present.

Making A Claim For NHS Data Breach Compensation

Victims whose private and sensitive medical records have been subject to unauthorised access may be entitled to make a claim for NHS data breach compensation.

Data breaches that involve medical staff snooping on and / or inappropriately accessing medical records can be quite common. As a law firm who has been at the forefront of data breach claiming for several years, these are cases we have been helping people with for a long time.

We have already been contacted by a number of those who have been affected by this specific data breach involving the Wrightington, Wigan and Leigh NHS Foundation Trust. We are taking claims for compensation forward on a No Win, No Fee basis.

Data breach compensation amounts for cases where personal and sensitive medical information has been misused or exposed can be substantial. This is a loss of control over medical records containing data that most people consider to be incredibly private.

About The Data Leak Lawyers

The Data Leak Lawyers is a leading law firm fighting for justice in dozens of data breach group actions and multi-party litigations; from huge consumer actions like British Airways data breach, to serious NHS data leaks like the 56 Dean Street incident and the recent Charing Cross GIC leak.

We can take cases forward for patients affected by unauthorised medical records issue on a No Win, No Fee basis. You can start the process by completing the contact form below.