O’Reilly Stewart Healthcare recently acted for a client who, in the course of medical treatment being provided by a local NHS Trust, suffered a breach of privacy.
Our client was being treated by a local NHS Trust when her medical records were disclosed to another patient without her consent. These records contained highly sensitive personal information, detailing the nature of our client’s medical history. This caused considerable upset and distress to our client.
The law in respect of Data Protection has progressed following the General Data Protection Regulations (GDPR) enacted by the European Union, which is transcribed into UK law via the Data Protection Act 2018. The GDPR states that “any person who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right to receive compensation from the controller or processor for the damage suffered.” Moreover, the disclosure of medical records without consent by the patient represents a breach of the privacy rights of the patient under Article 8 of the European Convention of Human Rights.
After taking instructions from our client, we obtained medical evidence from a Consultant Psychiatrist to report on the extent of psychiatric upset and distress caused to our client by the unauthorised disclosure. Following negotiations with the Trust, the case settled in the sum of £5,000 without admission of liability.
Cases of this nature are becoming more and more common because of the impact of the Data Protection Act 2018.
Our client had the following kind words to say:
“Throughout this traumatic legal ordeal the solicitors at O’Reilly Stewart made every effort to reassure me and were always kind and sensitive to my needs. They were so professional and always went that extra mile.”