Help end medical misogyny. Sign our petition.

Help end medical misogyny.
Sign our petition.

Sign the petition

Please or to access all these features

AIBU?

Share your dilemmas and get honest opinions from other Mumsnetters.

NHS staff accessing medical records inappropriately in high profile or tragic news stories.

224 replies

HavfrueDenizKisi · 26/06/2026 12:02

What the hell is wrong with people who work for the NHS and still somehow think it’s ok to voyeuristically access the medical records of patients who have been in the news?

Just read this article about 40 members of staff being investigated over the inappropriate viewing of this poor boy’s medical records. Read a similar article a few weeks back about the medical records of the victims of the Nottingham attack being accessed. Something like 11 people were sacked and 12 given final warnings about that (somehow suggesting it wasn’t their first time doing so).

Surely it is pretty fucking clear when you start working for the NHS that this is Absolutely Not Allowed. Plus it must be clear that there is a digital trail left behind of anyone accessing records. Honestly the mind boggles.

Link to article on BBC:

https://www.bbc.co.uk/news/articles/cvg5kvpdd15o

A uniformed police office stands in front of a bricked barn has a car park outside the front on the left. There is a fence on the right which opens into a court yard and there are signs on the door. There is a police car parked in the car park.

Crocodile attack: Hospital probe after boy's records accessed

Cambridge University Hospitals refers itself to the Information Commissioner over the breach.

https://www.bbc.co.uk/news/articles/cvg5kvpdd15o

OP posts:
Crudd99 · 26/06/2026 17:04

TBC99 · 26/06/2026 12:08

It is made clear, and the vast majority of staff don't do this. Those who do are disciplined once they are discovered.
Im not sure what else you think should happen

My sister who was a HCA kept looking up medical records of people she knows and used to make sure everyone knew. When it was reported the person who was dealing with it wanted to know the exact dates and times . Obviously no one knew this so the person dealing with it tried to fob off the complaints. It was only because the complainants stood firm that anything was done. My sister then left working for the NHS and it was dropped as they couldn't definitely say it was her as all the staff used the same login as it " was easier than keep logging in and out because they are busy" Basically she jumped before she was pushed.

DeepRaven · 26/06/2026 17:10

This reply has been deleted

Message deleted by MNHQ. Here's a link to our Talk Guidelines.

anyolddinosaur · 26/06/2026 17:16

Think it's necessary to keep repeating that a seriously ill child will have been looked after by a large number of people who will have needed to see his medical records. Since the hospital has referred themself someone has decided that is too high a number but lets wait and see how many had a legitimate need to do so.

godmum56 · 26/06/2026 17:16

Crudd99 · 26/06/2026 17:04

My sister who was a HCA kept looking up medical records of people she knows and used to make sure everyone knew. When it was reported the person who was dealing with it wanted to know the exact dates and times . Obviously no one knew this so the person dealing with it tried to fob off the complaints. It was only because the complainants stood firm that anything was done. My sister then left working for the NHS and it was dropped as they couldn't definitely say it was her as all the staff used the same login as it " was easier than keep logging in and out because they are busy" Basically she jumped before she was pushed.

well the person who allowed all staff to use the same login should definitely have been sacked.

godmum56 · 26/06/2026 17:18

This reply has been deleted

Message deleted by MNHQ. Here's a link to our Talk Guidelines.

so you would not mind if your personal detail were the subject of gossip in the local pub or ended up in the papers? Honestly I despair.

Crudd99 · 26/06/2026 17:19

godmum56 · 26/06/2026 17:18

so you would not mind if your personal detail were the subject of gossip in the local pub or ended up in the papers? Honestly I despair.

I think ravens trolling.

DeepRaven · 26/06/2026 17:19

godmum56 · 26/06/2026 17:18

so you would not mind if your personal detail were the subject of gossip in the local pub or ended up in the papers? Honestly I despair.

im always the subject of local gossip

SerendipityJane · 26/06/2026 17:19

godmum56 · 26/06/2026 17:16

well the person who allowed all staff to use the same login should definitely have been sacked.

I have been involved in disciplinary hearings over "shared" logins. Sackable offence.

Kirbert2 · 26/06/2026 17:32

lovecotswoldsliving · 26/06/2026 12:09

In schools only a very few members of staff can access any medical events.
why is this not the case in the NHS?

Because some people are under multiple specialists etc and do actually have a lot of people accessing their records.

Due to the little boy's reported injuries and the fact he was initially critical, it also wouldn't surprise me if 40 staff accessing his records were actually genuine.

NonComm · 26/06/2026 17:46

It’s not just the NHS - it used to go on in policing too. Staff in the public sector do get regular mandatory Information Governance training. Thats why it’s easy to sack them when they’re found out - they can’t say they didn’t know. I have a NC relative who is a practice manager - she used to access friends and neighbours’ records on her staff’s log ins. I also remember a policeman’s wife at the school gates a few years ago, telling everyone about what happened locally.
Staff should never share their log in details with anyone - they’d be leaving themselves wide open to being blamed.

Identyfy · 26/06/2026 17:46

Of course it’s tempting and yes, as humans we are nosy.

There was a big TV series about somebody who had been in our trust. It was fictionalised but lots of staff knew who the patient was. I was so tempted to look them up on our system, I did not. My neighbour got admitted into my unit, though not my ward. She was a bit of a ‘character’ and I was interested in why she was here but again, I did not look it up. You just can’t go down that route.

Identyfy · 26/06/2026 17:49

And the rules have got stricter so there is no way you could miss the confidentiality message now. When I started, it was all much more laid-back. Sometimes when I discharged somebody from my ward, I might look them up after a month or so to see how they were getting on in the community. It was genuine professional interest. But I no longer even dare to do that because I am not directly involved in their care. Maybe overkill, but I would rather be safe than sorry.

There is no way on earth a professional could miss this message in this day and age.

Goatsarebest · 26/06/2026 17:52

Projectprincesschaos · 26/06/2026 12:25

@FilmsandBooks hearing people disclose details of patients records is also a breach of GDPR even if they had a legitimate reason for accessing in the first place

And that's a criminal offence. So let's start having some prosecution. That will stop it.

tttigress · 26/06/2026 17:53

I don't know why people go on about NHS workers being heroes/ angels (particularly in COVID).

They are just people, and it is well known that the population contains a fair amount of scum bags.

tukatuka · 26/06/2026 17:55

NowSober · 26/06/2026 14:13

And you should never be using another persons account

Do you work in a clinical role in the NHS? Do you know how crappy the systems we have to use are? If I had to log in every time I walked up to a PC I would never get the work done because it takes so long. We all leave the PCs logged or work would be impossible.

There is a difference between theory & practise.

I work for the NHS an I know it’s absolutely not allowed to I’m use someone else’s login. All our documentation is personal to us. On occasions when I haven’t been able to access systems to do note, for example because I’ve lost my smart card, I would document in an email, a colleague would upload it making it explicitly clear that the notes were done by me.

You also mentions looking up your own notes and that you’d do it again despite getting into trouble for it. You very much risk getting sacked for that. Again, it’s very clearly educated to all of us in the NHS that it’s not allowed.

Identyfy · 26/06/2026 17:56

tttigress · 26/06/2026 17:53

I don't know why people go on about NHS workers being heroes/ angels (particularly in COVID).

They are just people, and it is well known that the population contains a fair amount of scum bags.

I agree. I have worked in the NHS for 30 years and there are amazing people and average people and some dreadful people. I don’t defend it blindly.

I ‘banned ‘anyone I knew from doing that dreadful pots and pans banging thing during the pandemic and using words like heroes. People were just doing the job they were paid for, including me. It all made me cringe so much.

mummypigoink · 26/06/2026 19:20

Kirbert2 · 26/06/2026 17:32

Because some people are under multiple specialists etc and do actually have a lot of people accessing their records.

Due to the little boy's reported injuries and the fact he was initially critical, it also wouldn't surprise me if 40 staff accessing his records were actually genuine.

They’ve referred themselves to the ICO. That’s basically an admission there has been unauthorised access as there’s no reason to report otherwise. It might be that 200 people have legitimately looked at the records. But there’s 40 who had no reason.

neverinmy · 26/06/2026 19:25

It’s crazy. I have access to a lot of stuff including high profile peoples info, up to government/royal level. I’m stringently checked to the level they check my family, friends, partner, finances, even down to a speed awareness course 30 years ago
they basically need to make sure I can’t be bribed but I couldn’t live with myself if I gave info out and someone got hurt

TheNinkyNonkyIsATardis · 26/06/2026 21:19

mummypigoink · 26/06/2026 19:20

They’ve referred themselves to the ICO. That’s basically an admission there has been unauthorised access as there’s no reason to report otherwise. It might be that 200 people have legitimately looked at the records. But there’s 40 who had no reason.

Not necessarily. Early engagement with the regulator is always a good precautionary step. I've advised proactive engagement with the regulator even where a breach wouldn't actually meet the threshold, because if the individuals concerned complain to the regulator, we can show that we've already engaged them.

fqap · 26/06/2026 21:27

The vast majority of staff follow the rules; but it can take time to work out if access was legitimate when a concern has been raised. There are countless reasons why notes may be accessed and multiple systems where patient details are visible. Some reasons are immediately obvious and memorable (e.g seen by me in clinic that day) others are not

Regrettably people are only likely to be caught if they do something obvious like look at their own records, or those of someone famous or newsworthy, or someone raises a specific concern.

Girliefriendlikespuppies · 26/06/2026 21:33

Greybeardy · 26/06/2026 12:22

It’s not beyond the realms of possibility that all 40 people actually needed to access the notes - the article itself says they're still exploring whether any of those people were inappropriately looking. There isn’t really much in the story as it stands…but it does make a change from hearing about the weather.

That’s what I thought, it isn’t a stretch to think 40 members of staff needed to look at the notes as they were looking after him 🤷‍♀️

There will be Drs, nurses and HCAs as well as admin staff. It was a high profile case so I assume everyone who cared for him would want everything documented.

I’ve worked for the nhs for 20 plus years and patient confidentiality has always been taken extremely seriously.

CocoButterNut · 26/06/2026 21:36

These breaches are not taken remotely seriously. See this case at the same hospital: https://www.theguardian.com/society/2023/may/14/woman-medical-records-accessed-hospital-doctor-cambridge

Addenbrookes has refused to say whether that doctor was sacked for her horrific behaviour, even the woman targeted doesn't know. Outcome of the GMC investigation is also confidential. What a huge amount of institutional protection doctors who browse medical records are given.

‘I felt anger, fear and horror that she had obtained my data and shared it’

Woman recounts ordeal after medical files accessed without justification by boyfriend’s ex-partner – a doctor in Cambridge

https://www.theguardian.com/society/2023/may/14/woman-medical-records-accessed-hospital-doctor-cambridge

XenoBitch · 26/06/2026 21:39

I am kind of sceptical about this, and think this is just the press trying to stir up more interest in this case, because it has died down. Click bait shite.

People admitted to hospital, especially to ITU etc and staying there a while, will have loads of staff involved in their care and accessing their notes. 40 does not seem excessive at all.
There used to be ads on TV where it showed someone falling down stairs or having a fit, and it listed all the people that were involved in their care at some point.

PenelopeJoanSterling · 26/06/2026 21:40

not saying its right but these days with digital trails etc why not just ask someone who knew about the case etc ?

TBC99 · 26/06/2026 21:55

ThunderThunderThunderThunderCats · 26/06/2026 14:06

Instant sacking and a possible criminal conviction would be a good start and deterrent.

I work for a government dept (not the NHS) and we’re told when we first start that anyone accessing records that aren’t necessary for the work they’re currently doing is an instant termination.

As I said, staff are disciplined once discovered and, as you will have read from the many experiences posted here, dismissal is often the outcome, though not a criminal conviction as it currently stands.

The majority of the vast numbers of staff who handle sensitive data daily as a part of their duties do so properly. Some don't, and it does seem as if this is an increasing problem. I don't know why that is, but i do know that it is taken very seriously when it is discovered.

Swipe left for the next trending thread