Comments of patient "victims" of smartcard security breach

Patients who received a letter from NHS Hull saying that their medical records had been viewed without authorisation by a former employees have left comments on their local news media’s websites.

Some of them say in effect: so what?

“So many other patients’ had their records accessed, including me, but you don’t see us crying to the Hull Daily Fail,” said one.

Others are angry.

Foster carer Angela Daddy, 47, of west Hull, said:

“It makes you think what information on me can be viewed, and by whom. NHS Hull has told me nothing was printed off or changed, but the employee could easily have written down details…I’m a foster carer so confidentiality is particularly important to me. NHS Hull must have known about this a long time ago and I think it’s appalling it’s taken this long to inform people.”

Dawn Murray in Hull said:

“I am also one of those patients who have had their personal medical records viewed and find it distressing… I ask, why would someone want to look at personnel records when in their position of trust. Confidentiality towards others must be one of the most important parts to their job …”

A nurse said:

“The crooked employee had access to data so it could be collated for work purposes. This person used their access to get into individual records which is quite clearly against the rules. That person, an employee of the Trust at the time when the records were accessed, broke their confidentiality undertaking. That is gross misconduct, and normally results in summary dismissal. You can’t blame the Trust for malicious and/or criminal acts performed by individuals.”

A patient said:

“The person who accessed the records had access …as he worked for the IT dept within the NHS…. Around 90% of the patients affected will be genuine access for NHS purposes, not on this person’s own accord. I myself have been affected by this and [I’m] aware the person did more than access my records but I do not fault NHS Hull for what has happened. They have handled the case very well and effectively. It has not taken over a year to come to light, as the person involved was only discovered in early months of this year.”

Another comment:

“How did this person gain access to the records if they were not permitted to do so? Sounds as if NHS Hull is partly to blame for this little fiasco. The worrying thing about it though is this person’s motive. Medical information really isn’t that interesting, so I wonder if they were planning to sell people’s information to someone for profit?”


Police probe breach of NHS smartcard security as e-records launched in London –