What would you do if you got a copy of someone else’s confidential GP records

[Twinkletoesandspaghettios]

No poll just wondering exactly what you would do?

The summary care report was in with mine and had name, address, DOB, full medical history including details on social services and CAMHS involvement

call the office, and return the document or shred.

Firstly, I wouldn’t read it.

Yes just that really

What else would you do?

That’s a bit ridiculous. Also didn’t answer the question.

I was reading mine and theirs was behind mine. I was half way down the page before I checked the top where name was as I realised it was not my record

Probably read the name, realise it wasn’t mine so wouldn’t read history/referrals and return it in an envelope to the surgery.

Contact the GP/hospital who sent it
Shred the file or return it to them whatever they wanted. There's nothing else to do

This happened to me. I sent it back to the surgery marked confidential with a note explaining that it had been sent to me in error.

Obviously a cock up but I’m not sure it requires a load of drama.

Report it to the head office of the relevant trust as a data breach

If something of this level of confidential information was given out from your team, would you report it to the Information Commissioner's office?

It's a huge issue and you shouldn't give the surgery the chance to cover it up

Report to the information commissioners office. Massive data breach. Dont rely on the hospital reporting it

This. Too many people would just leave it and let them cover it up. You really shouldn’t.

You can but they do not give a shit.

I would return it to the doctors but ask them to look into how it happened.

Honestly I probably would read it first, but I wouldn't share it with anyone. (So I do at least have some moral compass)

GP's legally have to report a breach of data protection to the Information Commissioner within 72 hours. You can complain to them by speaking to the GP surgery manager (and I would physically return the paperwork to them by hand if that was the case). Or if you do not want to complain to them direct phone the local ICB to report. You could also phone the Information Commissioner yourself on 0303 123 1113 to report the breach.

https://www.nhs.uk/nhs-services/find-your-local-integrated-care-board/

Well, something similar happened to my dad once, but it was the bank and not the GP.

he was sent someone else’s house deeds in with his loan document. He complained to the bank and got his loan (about £50k I believe!) written off, plus compensation.

Well yes and they will do that when you inform them. Its a terrible mistake but it happens, picking up print outs/photocopies. However your responsibility is to let them know and destroy the record and not read it...

Have a cheeky read before complaining straight to the higher ups

I wouldnt tell a soul what i'd read though, that crosses a, very far left, line

So I called the GP surgery and the doctor called me back (not a recorded line as I specifically asked). I explained what happened and I will admit I did say “I haven’t shared this with anyone and I will not report it to the ICO but I some internal training so this doesn’t happen again maybe in order” I then left the records back in a sealed envelope half an hour later marked for the attention of the GP.

I don’t think they reported it as the GP was extremely grateful for how I had let her know.

It’s such an easy mistake to make. If it were my records (provided it didn’t end up online or copies being made) and it was handed back to the surgery I wouldn’t even want to be told

Why did they write off his loan, when he wasn’t the injured party?

Phew, so they got away with it then. Yeah; I bet the GP was very grateful.

I know that’s sarky of me, but this is how the NHS gets away with shit like this, people don’t make them take any responsibility.

This happened to us, we were sent a child's health records several times, despite contacting the hospital each time as our address was similar and the postcode was the same. Was very difficult as the child was in care, at our local school, and was being treated for an incurable and transmissible disease (think hepatitis/hiv seriousness ) which wasn't disclosed. Obviously we didn't say a word but I was always worried in case another child contacted it from a playground accident

Track down the poor person whose personal information has been compromised and let them know. The decision about what to do should be theirs.

Choose wisely from:
1 Stick it on social media and ask if anyone knows the person, and to tell them you've got their records
2 Bribe the person
3 Return it quietly and calmly to the place who sent it to you.

Let the person know their details have been compromised, potentially.

It was just an accident. Just a real person, with real life worries and stresses and problems that made one tiny error. I think you did the best thing and exactly what I would have done. Or maybe just shredded the information without anybody ever knowing.

yes it was a balls up but nobody was hurt, it was just an error