Another patients letter sent to me in error

[Ilovemyshoppingtrolley]

Yesterday I received a letter for an appointment for January for myself, also in the envelope there was a letter for another patient. It had her name, address and hospital number on it.
I rang the hospital appointment line and waited a long time before the call was answered and asked to speak with a supervisor or manager, the receptionist refused saying they did not have one as they are all equal. I told her what my problem was but she just brushed it off and that it was sent in error which obviously I know, she said that she would email the person who had sent it to let them know of there error and she would reprint the letter for the lady that should have received the appointment.

This is not the 1st time I have had trouble with this hospital and using wrong names (telephone message for a different person left on my phone and they gave me a wrong consent form to sign for an operation). I appreciate these will be different locations but we are talking about a large London hospital.

I did think about sending this letter on to the lady in question explaining that it came to me in error but not sure if that is the right course of action. Just felt like the hospital were rather blasé and mentioned that it was a simple error. This could have had a lot more personal information on it.

[Aridane]

That is shit

Send to their data protection officer

[Doggyfeet]

In the last letter my son got from the ADHD clinic there was a letter for another child - it was a copy of a letter sent to the child school and had a lot of personal info in it. I just binned it.

[lookatthebabypenguin]

They should be reporting themselves to the ICO for that as it's a data breach. The fact you were brushed off is even more concerning, so I would report them to the ICO directly myself.

That could have had really serious consequences for someone - e.g. Someone fleeing domestic violence...

[Cuddling57]

Ok so I was as first thinking meh people make mistakes.
But the attitude of the receptionist and the fact that there are other errors I think you really need to write a letter to someone up high in the hospital and complain! Is there an outside organisation you can complain to as well?!

[chocolatespiders]

I would send it on so they have the appointment date.

[rottiemum88]

I work in data protection. It's not necessarily true that the hospital should report themselves to the ICO and I very much doubt from what you've described that this would be considered a reportable breach; they should however have a procedure for recording all personal data breaches and I'd expect them to have done this as a result of your contact.

It's obviously wrong if the receptionist was dismissive of what had happened and she should also have requested that you destroy the letter as you weren't the intended recipient. If the letter had contained any medical information for the other patient rather than just being an appointment letter then that could also change things slightly, because medical data is special category data and may warrant a report to the ICO.

Ultimately though the ICO are most concerned about root cause, ie why the breach happened in the first case. In this instance it sounds like a simple case of human error, which is accepted as inevitable in all fields. As long as there's no fundamental system or process failing gone on, there's unlikely to be any further action taken.

[Aridane]

I work in data protection. It's not necessarily true that the hospital should report themselves to the ICO and I very much doubt from what you've described that this would be considered a reportable breach; they should however have a procedure for recording all personal data breaches and I'd expect them to have done this as a result of your contact

Doesn't sound like they do,have this procedure or that, if they do, that it is implemented and applied!