Help end medical misogyny. Sign our petition.

Help end medical misogyny.
Sign our petition.

Sign the petition

Please or to access all these features

AIBU?

Share your dilemmas and get honest opinions from other Mumsnetters.

NHS staff accessing medical records inappropriately in high profile or tragic news stories.

224 replies

HavfrueDenizKisi · 26/06/2026 12:02

What the hell is wrong with people who work for the NHS and still somehow think it’s ok to voyeuristically access the medical records of patients who have been in the news?

Just read this article about 40 members of staff being investigated over the inappropriate viewing of this poor boy’s medical records. Read a similar article a few weeks back about the medical records of the victims of the Nottingham attack being accessed. Something like 11 people were sacked and 12 given final warnings about that (somehow suggesting it wasn’t their first time doing so).

Surely it is pretty fucking clear when you start working for the NHS that this is Absolutely Not Allowed. Plus it must be clear that there is a digital trail left behind of anyone accessing records. Honestly the mind boggles.

Link to article on BBC:

https://www.bbc.co.uk/news/articles/cvg5kvpdd15o

A uniformed police office stands in front of a bricked barn has a car park outside the front on the left. There is a fence on the right which opens into a court yard and there are signs on the door. There is a police car parked in the car park.

Crocodile attack: Hospital probe after boy's records accessed

Cambridge University Hospitals refers itself to the Information Commissioner over the breach.

https://www.bbc.co.uk/news/articles/cvg5kvpdd15o

OP posts:
Identyfy · 26/06/2026 13:06

TheNinkyNonkyIsATardis · 26/06/2026 13:00

I am ex-friends with a nurse who works in a potentially embarrassing speciality. She openly told us that she had the very private mum of a VERY famous person in her clinic.

I've never seen her since, it was disgusting that she disclosed it.

It is appalling. I once looked after someone famous on my ward. It was somebody that my teen daughter adored and she would have been so excited to hear about it. I didn’t tell a soul.

Whorulestheroost1 · 26/06/2026 13:07

NHS nurse for over 30 years here - we all know this is something that is forbidden. Those who access information without permission do so knowing this and should 100% lose their jobs, it is not difficult to understand.

Fishareidiots · 26/06/2026 13:07

I’m also shocked they have the time. The systems are very sensitive. If you search for someone with your same surname, it sends a warning email to your manager, which is bonkers if your name is Jones or something. It also doesn’t catch all this nonsense.

nothingcomestonothing · 26/06/2026 13:07

It says 40 people accessed the records, not 40 people who shouldn't have accessed the records. The bulk will be legitimate as I'd imagine a lot of professionals would be involved in that kind of injury - a&e, surgery, ortho, ward nurses who change every shift, physio, admin.

That hospital has Epic, which tracks every access of every record electronically. it's simple for them to see who accessed it, disregard the ones who needed to, and see who's left.

mummypigoink · 26/06/2026 13:10

There’s no excuse or justification for this. Make it a specific criminal offence along the lines of misconduct in a public office with hefty fines/ sentencing options.

GreenSmallBird · 26/06/2026 13:14

I work in another public service (not NHS or police) and we have it drilled into us that you do not do this. The fact the Trust has referred itself to the ICO tells you they believe that there has been a breach. Anyone who does this should be sacked for gross misconduct. There is zero excuse - I could access stuff about pretty much anyone in the country but I don’t because I am a decent human being.

Zanatdy · 26/06/2026 13:16

absolutely ridiculous, and in my Gov dept it’s a sackable offence to look up records you have no business to be accessing. Even worse when it’s someone’s medical info so all should be dismissed. You know in advance this is against GDPR and can be dismissed.

HectorPlasm · 26/06/2026 13:16

Audit trail is ultimately how Shipman got caught. It may not be used immediately but the record is always there until it is deleted. Some access types or data change activity will have automatic flags on them which will typically go to someone more senior and independent for review. A good example would be supplier banking details - there will usually be an immediate flag so the change can be checked to ensure that it is legitimate.

Zanatdy · 26/06/2026 13:19

smallglassbottle · 26/06/2026 12:07

I agree, but it's naïve to rely on people to do the right thing. Even healthcare workers can be scumbags and indulge their morbid curiosity. There needs to be tighter controls over who can access these things.

In a hospital multiple people need access so not practical to have tighter controls. They need to dismiss anyone caught doing it and send out a message that they take it seriously as that happens in my dept. Someone was dismissed last week for accessing relatives records.

NowSober · 26/06/2026 13:23

I was given a verbal warning for printing off the pathology report of the nasal swab confirming I had COVID-19. It was flagged up that I had accessed part of my own medical records. I told my manager I was unapologetic & would do the same again as the data referred to me & I would be entitled to receive a copy of the pathology report if I had made a Subject Access Request.

Netcurtainnelly · 26/06/2026 13:24

HavfrueDenizKisi · 26/06/2026 12:02

What the hell is wrong with people who work for the NHS and still somehow think it’s ok to voyeuristically access the medical records of patients who have been in the news?

Just read this article about 40 members of staff being investigated over the inappropriate viewing of this poor boy’s medical records. Read a similar article a few weeks back about the medical records of the victims of the Nottingham attack being accessed. Something like 11 people were sacked and 12 given final warnings about that (somehow suggesting it wasn’t their first time doing so).

Surely it is pretty fucking clear when you start working for the NHS that this is Absolutely Not Allowed. Plus it must be clear that there is a digital trail left behind of anyone accessing records. Honestly the mind boggles.

Link to article on BBC:

https://www.bbc.co.uk/news/articles/cvg5kvpdd15o

I agree. They should be worried about themselves doing this.
How would they like the reverse. People doing it to them.

CossyBunt · 26/06/2026 13:27

Nosy thickos work in the NHS unfortunately.

Partickle · 26/06/2026 13:29

Prior to retirement I was a Clinical Auditor in the NHS. I used to be a HCP and therefore was well aware of ‘why’ one might need access to patient data.

It never failed to amaze me the number of staff members who just didn’t understand that I could see everything, key strokes dated & timed, length of time they spent looking at records (or sometimes accessing inappropriate websites that had absolutely nothing to do with their job).

Many seemed to believe (despite frequent ‘teaching’) they were doing nothing wrong and ‘everybody did it’. Always suggested they re-read the contract they signed when they started work prior to HR being involved.

HRTQueen · 26/06/2026 13:34

In the trust I work for a number of people lost there jobs when they accessed a patients notes who was high profile and had been in the news

No one can pretend they didn't know, if the person is not on your team list then you are asked a number of times what is the reason you are accessing their information and this is recorded and monitored

you can not even look at your own notes, and tightly so

I have no sympathy for people being sacked for this, its often joked at work this is the only NHS sackable offence

HRTQueen · 26/06/2026 13:37

NowSober · 26/06/2026 13:23

I was given a verbal warning for printing off the pathology report of the nasal swab confirming I had COVID-19. It was flagged up that I had accessed part of my own medical records. I told my manager I was unapologetic & would do the same again as the data referred to me & I would be entitled to receive a copy of the pathology report if I had made a Subject Access Request.

why didn't you follow the correct procedure and why do you think you should be able to do this again

what a headache people like yourself are to manage

Lifeomars · 26/06/2026 13:39

Whorulestheroost1 · 26/06/2026 13:07

NHS nurse for over 30 years here - we all know this is something that is forbidden. Those who access information without permission do so knowing this and should 100% lose their jobs, it is not difficult to understand.

This is what astounds me, not only is is utterly wrong, you are just plain thick if you think you can get away with it

godmum56 · 26/06/2026 13:40

smallglassbottle · 26/06/2026 12:07

I agree, but it's naïve to rely on people to do the right thing. Even healthcare workers can be scumbags and indulge their morbid curiosity. There needs to be tighter controls over who can access these things.

There are. Every login and access is recorded and must be accounted for. Honestly I can't believe the stupidity of these people. They KNOW there is no getting away with it and that, with very few exceptions, its a sacking offence. It also means that there will be no more NHS employment for them as the offence will follow them.

Fuckmyliferightnow · 26/06/2026 13:43

I was always taught it’s a sackable offence. Even looking at your own record was bad.

Lifeomars · 26/06/2026 13:43

Partickle · 26/06/2026 13:29

Prior to retirement I was a Clinical Auditor in the NHS. I used to be a HCP and therefore was well aware of ‘why’ one might need access to patient data.

It never failed to amaze me the number of staff members who just didn’t understand that I could see everything, key strokes dated & timed, length of time they spent looking at records (or sometimes accessing inappropriate websites that had absolutely nothing to do with their job).

Many seemed to believe (despite frequent ‘teaching’) they were doing nothing wrong and ‘everybody did it’. Always suggested they re-read the contract they signed when they started work prior to HR being involved.

Somebody at my Trust was caught running an EBay shop using their work computer and another was caught doing a second job, they used to enter fake appointments for home visits on the system and then go out to their other job!

NowSober · 26/06/2026 13:44

HRTQueen · 26/06/2026 13:37

why didn't you follow the correct procedure and why do you think you should be able to do this again

what a headache people like yourself are to manage

Innocently I didn't know it was against the rules. If I had been logged in as one of my colleagues when I accessed my own data nobody would have been any the wiser.

Zoonosis · 26/06/2026 13:44

lovecotswoldsliving · 26/06/2026 12:09

In schools only a very few members of staff can access any medical events.
why is this not the case in the NHS?

Because school staff don't routinely have to access medical records to do their job whereas NHS staff do.

KnittyKnotty · 26/06/2026 13:45

They aren't saying the 40 people accessed them inappropriately. Just 40 medical professionals accessed them.

After such a horrendous attack including a period in intensive care is 40 separate medical professionals that high a number considering the various departments the little boy will have had contact with?

Presume A&E, Intensive Care, Paeds with 3 different shifts of staff 24/7.

Marmalademorning · 26/06/2026 13:47

randomchap · 26/06/2026 12:09

Tabloid newspapers do contact hospital staff, offering money for details. That needs to be cracked down on

They can always say no 🙄

Netcurtainnelly · 26/06/2026 13:51

HRTQueen · 26/06/2026 13:34

In the trust I work for a number of people lost there jobs when they accessed a patients notes who was high profile and had been in the news

No one can pretend they didn't know, if the person is not on your team list then you are asked a number of times what is the reason you are accessing their information and this is recorded and monitored

you can not even look at your own notes, and tightly so

I have no sympathy for people being sacked for this, its often joked at work this is the only NHS sackable offence

Fools never learn.

Netcurtainnelly · 26/06/2026 13:53

godmum56 · 26/06/2026 13:40

There are. Every login and access is recorded and must be accounted for. Honestly I can't believe the stupidity of these people. They KNOW there is no getting away with it and that, with very few exceptions, its a sacking offence. It also means that there will be no more NHS employment for them as the offence will follow them.

Aren't they embarrassed when their friends and family ask why they lost their job.