Freedom of Information requests to NHS trusts across Yorkshire have revealed that a third have caught staff unlawfully accessing private information.

The Yorkshire Post which sent FOI’s to all the NHS trusts, councils and police forces in Yorkshire found that out of the 25 trusts that responded, 15 said there had been no such incidents. This figure included the SHA and Yorkshire Ambulance Trust. 

 However, 10 NHS trusts said there had been one or more incidents – totaling around 30 incidents altogether between 2007 and 2010.

The trusts include primary care trusts in Wakefield and Barnsley and hospitals in Barnsley, Goole, Mid-Yorkshire, South Tees and Rotherham.

At one of the trusts in Rotherham, last month a cleaner was caught accessing the medical records of a friend to determine that she has recently had an abortion, for which the disciplinary case is still proceeding.

One of the worst offending trusts was Doncaster and Bassetlaw Hospitals NHS Foundation Trust, where six people were caught in breach and in one case a nurse accessed private medical test results of her daughter’s father, she was dismissed and then reinstated on appeal.

A spokeswoman for the trust said: "We take data security very seriously and have a number of means of ensuring that patients’ personal data is not accessed inappropriately. All six cases of inappropriate access to medical records related to an individual’s colleague, partner, or relative – and while this is inexcusable, it does not indicate misuse of the millions of patient records we hold."

There were also five incidents at Sheffield Teaching Hospitals which ranged from a staff member accessing information so that they could send a card to a relative, to staff looking through at a record of an ex-partner’s new partner. Three of the staff received final warnings and two were dismissed.

A spokesperson for the Information Commissioner’s Office told eHealth Insider: “As with many organisations that hold a significant amount of personal data, we have regular contact with a range of public authorities regarding allegations of staff inappropriately accessing records.

“The usual and most appropriate outcome in these cases is disciplinary action taken by the employer. However, where that employee is accessing records for personal gain, such as selling the data on to third parties, the ICO may open a criminal investigation.”