Home   News   National   Article

Unknown person entered hospital ward and left with patients’ data, says watchdog

By PA News
Published: 14:03, 28 November 2023
 | Updated: 14:11, 28 November 2023

Register for free to read more of the latest local news. It's easy and will only take a moment.

Sign Up
Click here to sign up to our free newsletters!
NHS Fife has been reprimanded by the public information watchdog (Andrew Matthews/PA)

An unauthorised person entered a hospital ward, helped staff with a patient and then made off with personal information from 14 patients, a watchdog has found.

Police have been unable to identify the person or recover the lost paperwork as their progress has been hindered by the CCTV having being accidentally switched off by a staff member, the Information Commissioner’s Office (ICO) said.

The data protection watchdog has reprimanded NHS Fife after the incident at one of its hospitals in February.

The ICO said the unauthorised person gained access to the ward and then, “due to a lack of identification checks and formal processes”, they “assisted with administering care to one patient” and were handed a document containing the personal information of 14 people.

The data was taken off site by the person and has not been recovered
Information Commissioner's Office report

The ICO said: “The data was taken off site by the person and has not been recovered.

“While the hospital had CCTV installed, the wall socket with the CCTV had been accidentally turned off by a member of staff prior to the incident.

“The police have not been able to identify the person or recover the lost data, hindered by the lack of CCTV footage.”

The watchdog’s investigation found NHS Fife failed to have appropriate security measures for personal information, as well as low staff training rates.

Following the incident, NHS Fife introduced new measures including a sign in and out system for documents containing patient data, and updated identification processes.

Natasha Longson, ICO head of investigations, said: “Patient data is highly sensitive information and must be handled with the appropriate security.

“When accessing healthcare and other vital services, people need to trust that their data is secure and only available to authorised individuals.

“Every healthcare organisation should look at this case as a lesson learned and consider their own policies when it comes to security checks and authorised access.

“We are pleased to see NHS Fife has introduced new measures to prevent similar incidents from occurring in the future.”

NHS Fife and Police Scotland have been contacted for comment.

Do you want to respond to this article? If so, click here to submit your thoughts and they may be published in print.

Keep up-to-date with important news from your community, and access exclusive, subscriber only content online. Read a copy of your favourite newspaper on any device via the HNM App.

Learn more
This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies - Learn More
AGREE