Home / News & Resources / News & Updates / Sensitive medical data was sent to the wrong patient

Sensitive medical data was sent to the wrong patient

  • Posted on

When we think about data breaches, we often worry about hackers and cybercriminals getting hold of our banking and credit card details. But the truth is, most data breaches are caused, not by fraudsters, but by human error and poor data management processes. And the result can be just as devastating. In a recent case, our solicitors saw the significant damage and distress caused when personal medical information was sent to the wrong person. But what happened in this failure in patient care? And what can you do if it happens to you?

What happened in this case?

Our client was due to start a three-month course of treatment for anxiety and depression. But his mental health was made significantly worse when his private medical information, including his diagnosis and contact details, was sent to the wrong patient.

Realising the error, this patient returned the sensitive information to the relevant NHS department, and it admitted that it had made a mistake. However, it took the NHS four days to let our client know that his privacy had been violated. And the consequences lasted much longer.

This was a severe breach, which exasperated our client's mental health issues. As a result, he went on to suffer a panic attack. To make matters worse, the NHS tried to minimise the incident and didn't properly acknowledge or try to understand the effects that the breach had on our client's existing mental health issues.

Keen to make sure that the NHS was held to account for its failure in patient care, our client contacted Hayes Connor Solicitors after we were recommended to him. This was particularly important as he did not see any evidence of new measures to avoid similar incidents recurring.

Following the shocking failure in patient care, we were able to secure £2,000 in damages for our client. He was pleased with the friendly, clear, honest and timely management of his claim and he was happy with the result - particularly as Hayes Connor consulted an expert to gauge the maximum compensation that could be secured in these circumstances.

We genuinely hope that our client can get on with the rest of his life. There is no doubt that he has become very security conscious as a result of the breach.

Medical organisations must be held to account

Nobody wants to sue the NHS. It does a great job under challenging circumstances. But, the sheer scale of the information we share with healthcare organisations is enough to leave us all open to the threat of fraud, anxiety and stress. So, this data must be treated with the highest levels of care; not least because of the potential damage should it fall into the wrong hands.

In most cases, medical data breaches happen because of human error and a failure to implement reasonable and robust processes. So, claiming compensation isn't just in your best interests. It is the only way these organisations will be persuaded to take their responsibilities seriously and make the necessary improvements.

Not just hackers

Hayes Connor Solicitors wants to reduce the number of data violations taking place across the UK. To do this, we are sharing real-life examples of data breaches to raise awareness of this issue and educate people to prevent similar mistakes from happening.

For more advice on how to keep your data safe, follow our #NotJustHackers campaign on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses. Or give us a call to discuss your case in more depth.