NHS employees who are tempted to look at patient records without a valid legal reason should consider the potential implications for both themselves and the health service.
The Information Commissioner’s Office (ICO) issued the warning after an NHS administrator was fined for repeatedly accessing a patient’s medical records without a valid legal reason.
Nicola Wren was employed by Kent and Medway NHS and Social Care Partnership trust when she breached data protection laws aimed at protecting patient privacy.
Medway Magistrates’ Court was told she had accessed the health records of a single patient 279 times over a three-week period in October and November 2015, viewing the files up to 50 times in a day. Although the patient was known to the defendant, she had no valid lawful reason to access the records and did so without her employer’s consent.
Wren, 42, of Rainham, Kent, pleaded guilty to unlawfully accessing personal data in breach of s55 of the Data Protection Act 1998 and was fined £300. She was also ordered to pay prosecution costs of £364.08 and a victim surcharge of £30.
Read more on the ICO’s site.