Moray MP Douglas Ross says it is “utterly appalling” that there has been another data breach by NHS Grampian.
Douglas has been contacted by a concerned constituent – who wishes to remain anonymous – after her mother mistakenly received a letter from the health board which she initially thought was outlining details to invite her along to a medical appointment which she had been waiting on.
However, on closer inspection of the letter, she realised that the correspondence had been sent in error to someone living in another part of the Moray constituency. The letter contained the person’s name, address and CHI number.
The daughter has told Douglas that her mother is “deeply distressed” that the letter for her own medical appointment containing sensitive and confidential information is also likely to have been wrongly addressed.
She has made contact with the health board to lodge a formal complaint on her mother’s behalf.
Douglas says he is “bitterly disappointed” this sort of incident has occurred again, after he highlighted two previous data breaches in recent years. He has also taken the issue up on behalf of the family with NHS Grampian.
He added that yet again there are more “serious questions” for NHS Grampian to answer and that lessons are clearly not being learned from previous incidents.
Moray MP Douglas Ross said: “I am utterly astonished and bitterly disappointed that yet another data breach has been committed by NHS Grampian. This incident is unacceptable and I know from my discussions with the family involved how worried they are about this breach.
“On two separate occasions in recent years I have raised similar cases, yet it appears no lessons have been learnt by the health board.
“These letters contain private and sensitive information and it is clear once again, a lack of due diligence has been carried out by NHS Grampian, before this was sent to the wrong address.
“It is little wonder that the family of the patient involved contacted me and my office in such distress.
“NHS Grampian have serious questions to answer as to how this has happened, and why it continues to happen.
“The health board must apologise to the patients involved, investigate this matter fully and finally put in place as robust measures as possible to guarantee no further breaches of highly sensitive personal data occur.”