A former health worker has been fined for unlawfully obtaining patient information by accessing the medical records of five members of her ex-husband’s family in order to obtain their new telephone numbers.
Juliah Kechil, formerly Merritt, a former health care assistant in the Outpatients Department at the Royal Liverpool University Hospital was convicted under section 55 of the Data Protection Act at Liverpool City Magistrates Court.
The defendant was fined £500, but also ordered to pay £1,000 towards prosecution costs and a £15 victim surcharge.
Royal Liverpool began an investigation in November 2009 when Kechil’s father-in-law contacted the hospital after receiving nuisance calls, which he suspected had been made by his former daughter-in-law.
Having changed his phone number in July 2009 following unwanted calls from Kechil, he was immediately concerned that there had been a breach of patient confidentially. The breaches were traced through audit trails that were linked back to Kechil’s smartcard ID.
The Information Commissioner’s Office has already expressed concerns about data use across the NHS and the police, which mean it plans to focus on health and criminal justice in its data protection work this year.
The ICO’s head of enforcement Steve Eckersley said: “People should be able to feel confident that their personal details will be stored securely and only accessed when there is a legitimate business need. We will always push for the toughest penalties against individuals who abuse this trust.”
One Response
Dismissal offence ….
Is this not a dismissable offence ?