03.08.17
Information of over 500 trainee doctors published online in data breach
The personal information of more than 500 trainee GPs from a trust in the Cheshire and Merseyside area have been published online following a data breach at a hospital.
Detail including addresses, phone numbers and National Insurance numbers of the trainees at St Helens and Knowsley Teaching Hospitals NHS Trust appeared online, leading to the trust launching an investigation to get to the bottom of the matter. The breach has been reported to the Information Commissioner.
It was also revealed that some doctors were only made aware of their details being publicly available online after locum agencies were able to contact trainees through their personal email accounts.
A quick search online then revealed that two spreadsheets with doctors’ names and personal information were readily and easily available.
One doctor affected by the hack was speciality based trainee Thomas Micklewright, who said: “I’m appalled by the situation, I feel very vulnerable and exposed.
“It’s scary enough a company being able to contact your email, but the idea of a mobile number or, even worse, address being out there is really frightening.”
A spokesperson for the trust stated that it was “profusely sorry” to the doctors affected by the breach, and that it would continue to give support to those who had their information published by hackers.
“The data breach has been reviewed independently and the trust has been assured that the risk to personal security is minimal,” a statement from the trust said.
“The trust has informed the Information Commissioner’s Office and will be providing a full report upon completion of the investigation.
“We continue to liaise with the trainees affected and have apologised profusely for any distress or inconvenience caused.”
The BMA added that those junior doctors affected will be understandably worried that their personal information has been made widely accessible without their knowledge.
“While the trust has addressed the situation promptly, it must ensure it provides the necessary support and information to those affected, and urgently investigate how and why this breach occurred to ensure that it doesn't happen again,” the association added.
Last month, the government made £50m available to safeguard trust against cyber-attacks in the future. The money was announced after the widely reported NHS cyber-attack in May, which saw hundreds of trusts be locked out of their computers for a number of hours.
Have you got a story to tell? Would you like to become an NHE columnist? If so, click here.