An NHS clinic in London has been fined £180,000 for a serious data breach which affected more than 700 users of an HIV service.
A staff error meant that anyone who received the September newsletter from the 56 Dean's Street clinic, could see the email addresses of all other recipients.
The error occurred because the addresses had been wrongly entered into the "to" field instead of the "bcc" field. Furthermore, 730 of the 781 emails contained the full names of the recipients.
Chelsea and Westminster hospital NHS foundation trust, which runs the clinic, has been fined £180,000 by the Information Commissioner's Office (ICO), because the breach is likely to have caused substantial distress to the patients affected.
Patients are also taking legal action against the clinic, due to the stress the breach has caused them. Sean Humber, who is acting for more than 20 of the patients affected, said:
"What makes the incident even more unacceptable is that the trust failed to learn the lessons from a similar smaller-scale incident, also investigated by the information commissioner, that occurred in 2010.
"Had the trust taken the necessary remedial measures then, it is likely that this later more serious breach would not have occurred."
If you need the advice of our experienced litigation solicitors, speak to us in complete confidence on 0203 206 1133.
As a law firm we are dedicated to the needs of our private and corporate clients.
At the same time we recognise the needs of the wider legal community and are able to work with consultants across a range of disciplines.
Please call to discuss you legal needs, today.