Somerset NHS Foundation Trust initiated contact with individuals affected by a recent data breach at Musgrove Park Hospital. The trust disclosed that nearly 200 patients had their hospital records inappropriately accessed by a staff member. The breach, spanning six years, involved the staff member accessing records of individuals they were acquainted with.
During their role, the staff member gained access to specific demographic information, A&E attendances, including dates and basic admission details, inpatient admissions with dates, wards, consultants, and specialties, as well as outpatient appointments with dates, consultants, and specialties.
However, Somerset NHS Foundation Trust clarified that the accessed records did not include clinical letters, discharge summaries, or records related to community, mental health, sexual health, medical, or nursing details.
Phil Brice, the director of corporate services for Somerset NHS Foundation Trust, expressed profound apologies to those affected, highlighting the breach of trust by the staff member. Brice emphasized the necessity of confidential information for effective job performance within the NHS and acknowledged the breach as a severe deviation from expected conduct despite regular information governance training.
The incident has been reported to the Information Commissioner, with Avon and Somerset Police conducting an investigation. The trust has proactively reached out to affected individuals, offering apologies and discussions regarding the breach.
Avon and Somerset Police confirmed ongoing investigations, mentioning one person’s voluntary interview in connection to the incident. The hospital has undertaken the responsibility of contacting all affected individuals.
Additionally, it was reported that the staff member involved is no longer associated with Somerset NHS Foundation Trust, according to information from a BBC report.
