Brit doctors surgery fined £35k over medical da... - Thyroid UK

Thyroid UK

137,936 members • 161,765 posts

Brit doctors surgery fined £35k over medical data fumble

helvellaAdministratorThyroid UK•

6 years ago•8 Replies

A pretty appalling story on GDPR-eve.

The best points are:

The other practice appeared to do the right thing.

The ICO picked up the issue and has done the right thing.

Brit doctors surgery fined £35k over medical data fumble

Left patient records, prescriptions in former surgery premises for 18 months

By Paul Kunert 24 May 2018 at 15:14

Bayswater Medical Centre (BMC) in London is licking its wounds after taking a not insignificant punch to the wallet for discarding highly sensitive medical information in an empty building for a year and a half.

The Information Commissioner's Office (ICO) said today the data included medical records, prescriptions and patient identifiable medicine. It was left unsecured when BMC vacated its surgery but used the premises as a storage dump from July 2015.

The following year, reps from another GP practice took over the lease, discovered the unsecured medical records and told the BMC, but the BMC made no effort to scoop up that information, despite repeated warnings from the other surgery and a local Clinical Commissioning Group.

Officers from NHS England paid a visit to the site in February 2017 and found a "large quantity" of the data left on decks, in unlocked cabinets and in bins. The BMC was ordered to send in the cleaners, so to speak.

The severity of this breach "merited" a fine of £80,000, said the ICO, but this was cut to £35,000 after the BMC's ability to cough payment was considered.

"It is our duty to stand up for people's data right[s] and to ensure that their sensitive personal information is protected," said ICO head of enforcement Steve Eckersley.

"Out of sight is definitely not out of mind. We don't want anyone to think that they can avoid the law or their duties by abandoning personal data in empty buildings," he added.

theregister.co.uk/2018/05/2...

[ Added 24/05/2018 20:13 - this is what the BMC says about its own privacy policy. Please note - again - it is now GDPR-eve and despite the site having had some sort of update on 18/05/2018, they nod to the Data Protection Act 1998 and appear not to have heard of GDPR.

I also searched (in vain, of course) for any mention of the fine they have received.

How do we maintain the confidentiality of your records?

We are committed to protecting your privacy and will only use information collected lawfully in accordance with the Data Protection Act 1998 (which is overseen by the Information Commissioner’s Office), Human Rights Act, the Common Law Duty of Confidentiality, and the NHS Codes of Confidentiality and Security.

Every member of staff who works for an NHS organisation has a legal obligation to keep information about you confidential. Anyone who receives information from an NHS organisation has a legal duty to keep it confidential.

We maintain our duty of confidentiality to you at all times. We will only ever use or pass on information about you if others involved in your care have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances (i.e. life or death situations), or where the law requires information to be passed on.

baysmed.co.uk/info.aspx?p=9 ]

Written by

helvella

Administrator

To view profiles and participate in discussions please or .

Read more about...

Surgery

8 Replies

•

Paula1016 years ago

I hope the fine came out of the pockets of the partners & practice manager, damn imbeciles!

shawsAdministrator6 years ago

Thanks for posting Helvella and may shake up some surgeries to take care of patients' records.

Mamapea1 in reply to shaws6 years ago

Yes, shaws, let's hope so.... I still haven't received all my missing notes (after paying £50 for them last year) ~ the fraction I did get were shocking!😳 I rang about 6 months ago, and practice manager said she 'was on it' but when nothing emerged, I asked GP who said SHE herself was sorting it, as it was her responsibility.

She annoyingly implied it was all a bit of a hassle, time,etc., but I have STILL heard nothing! I understand there is a possibility that they've been lost as a result of updating onto digital (being sent away, which GP says isn't possible), but I would really like them, as it's everything from my previous surgery (good GP who left), and all my results, etc. from when I was first diagnosed.

So much happened then, hospital admissions, etc. and I have none of it. Reading this, I wonder if they've been carelessly dumped somewhere, never to be found.😕 Do you think I should keep asking at the surgery ~ they always play the 'busy' card and try and make me feel a nuisance ~ or do you know of any other way I could track them down? I'm a bit peeved tbh. x

Saya85 in reply to Mamapea16 years ago

6 months?? They have a duty to reply within 40 days I believe (!)

They now can’t charge you either although it is very time consuming to have to collate and edit the records to omit third party notes on your records etc

They may be trying to stall as they don’t want to release some records either.

When did you last chase it up? If it’s been over a month you certainly have a right to demand answers especially if you have paid too.

It doesn’t always benefit to stomp your feet too much if you wish to retain a good relationship with the GP but you could write and say (gently ☺️) that you have waited a considerable length of time and wish to have this resolved as soon as possible now or an answer at least. It’s not unreasonable but do tread carefully

Mamapea1 in reply to Saya856 years ago

Thank you for your somewhat rapid response😊. Long story short ~ first requested years ago, but was constantly blagged out of receiving them... I was so ill I didn't insist enough, although in the notes I HAVE managed to obtain, in 2008 she writes " STILL asking for notes! STILL thinks there's something wrong with her!" So I had obviously been asking for a while!😳

When I did start insisting, she started being extra nice to me, (although I always believed we had a good relationship ~ 20 years) and saying things like "you know, sometimes we write little things in the margins, don't take any notice of that" etc. I shook like a leaf when I read all the horrible derogatory things she had written, and test results were appalling!😰

It was only lovely members on here that got me through the whole upset💕. Most of the info I was really interested in wasn't there, and that is what I'm after now. I paid and picked up the incomplete ones last October. I have only consulted her by phone appointments since I read them, and have seen the nurse for tests. I can't look her in the face tbh, I am still incredulous!

I haven't been too demanding about them, I've just mentioned it in passing when ringing in a prescription. I haven't the strength to stamp my feet lol! 😊 tbh, I only stayed there because I felt she was easy to talk to ~ I knew she wasn't very knowledgable, but I thought she was nice, and we got on!!😳. Sorry ~ that wasn't a short story at all! I think I will give them another ring... Thank you 💕xx

Saya85 in reply to Mamapea16 years ago

Oh deAr. Yes I dread to think what doctors have written about us.

I’m very careful with what I write in my notes but sometimes you do have to allude to possible malingering or other factors.

Glad you managed to get something. If your gP isn’t knowledgeable or even that nice now it might be worth asking to see a diff doctor?

It’s difficult all round. Hope you get some answers x

Mamapea1 in reply to Saya856 years ago

Thank you ~ yes I will change ~ awkward is putting it mildly😕 I've just got other things going on at present, so it's on a back burner xx.

endomad6 years ago

I took my first endo to the ombudsman. The 2nd stage was a resolution meeting at the hospital. I was accompanied by a buddy/thyroid advocate who actually worked for the hospital, she made sure they kept their facts straight and didnt bully me, also a member of phower the medical complaints people.

We were escorted into a meeting room but left to make our own way back through the hospital in corridors stuffed floor to ceiling with patient records and paperwork. My friend who worked there was shocked as it deff went against hospital protocol. So I added that to my complaint on the next stage. Had I been on the ball I should have stuffed my 2 tote bags full and taken them to the local newspaper. Tbh I dont think the hospital was in the least bit bothered but did say they wouldn't allow access to the general public gain.