Active discussions

Meet the Other Phone. A phone that grows with your child.

Meet the Other Phone.
A phone that grows with your child.

Buy now

Please or to access all these features

Talk
Covid

Mumsnet doesn't verify the qualifications of users. If you have medical concerns, please consult a healthcare professional.

Original poster

Another GDPR breach?

17 replies

covidmania13 · 07/10/2020 00:05

manager of a private nursing facility receives a detailed letter and very compassionate letter from my GP (permission given by me) to consider allowing me visiting a very close relative on exceptional grounds bearing in mind the COVID situation because I have colon cancer stage iii but am not currently ill. But am a high risk for recurrence.

The manager attempts to contact my GP. without my permission a number of times but is unsuccessful. Is this a GDPR breach?

OP posts:
AlexaShutUp · 07/10/2020 00:07

In what way do you feel your personal data has been breached?Confused

Quandaries · 07/10/2020 00:08

No, it’s not a breach. They’re contacting the person who wrote them a letter, that’s pretty standard.

PegasusReturns · 07/10/2020 00:08

No. Had the manger been successful and had the GP disclosed details w/o your consent then there would have been a breach but this is not.

PlayingGrownUp · 07/10/2020 00:10

As you have given permission for the GP to share your information with the manager I wouldn’t have thought so. After all the manager is most likely calling for further relevant information regarding making a decision.

If the manager passed the information on to a third party that would be a breach but they haven’t.

Catsup · 07/10/2020 00:12

Do you know why the manager was trying to contact your GP? The manager may have wanted a general discussion with your GP. There would be no problem with the manager seeking general information or advice, so long as the GP didn't discuss or disclose your personal information.

Smallsteps88 · 07/10/2020 00:16

Presumably the phone number/email address the manager called was the phone number/email address the GP provided on the letter and the one linked to their practise. So no breach there. The Gp will have permission to give out the practise number/email address. The GP has your permission for the information they provided in the letter so no breach there. The manager hasn’t given anyone any information so no breach there.

Where do you think there was a data breach?

Original poster
covidmania13 · 07/10/2020 00:55

I am assuming the manager was wanting to discuss my medical status with the GP. Everything that needed to be said was in the letter My understanding is that medical information is private between a patient and their GP. The GP did not in the event return her call, but it did not stop the manger trying at least four times.I was completely unaware/not informed that the manager would be calling my GP as I never gave permission to discuss my medical condition, my understanding is a GP would not have disclosed my medical stuff
I am not the patient my relative is. If it is not a GDPR breach it was an attempt at it. If she wanted to get general information about cancer and COVID she could have phoned Macmillan
for example.

OP posts:
AlexaShutUp · 07/10/2020 00:59

The material point is, OP, that no breach occurred. You do not know exactly why she was calling your GP. She might have been seeking general information or clarification of something in the letter, or she might have been seeking information that you had not consented for her to have. In that situation, the onus would have been on your doctor to avoid breaching your confidentiality. She has not breached anything merely by making a phone call.

Smallsteps88 · 07/10/2020 01:00

my understanding is a GP would not have disclosed my medical stuff

Well then no breach would have happened.

The breach would only have happened if the GP gave out information they shouldn’t have. And it would have been the GP that was guilty of the breach.

The manager was not breaching GDPR by asking. It wasn’t an attempt at a data breach unless the manager was trying to give the GP information they didn’t have permission to share. Which they weren’t.

Original poster
covidmania13 · 07/10/2020 01:48

@Smallsteps88

I do not know why she was trying to get hold of my GP because it was never discussed with me. I am assuming she wanted more information about my medical condition. I do not know if she was trying to share anything, I only know that my permission was not sought for her to have any conversation about me. I could have given her further information if she needed clarification on anything. At best it would have been polite to discuss tht she was calling my GP and why. I am going to check for sure tomorrow as this is not as straightforward as it seems
.

OP posts:
OpheliasCrayon · 07/10/2020 07:44

Id be glad they're calling to be honest. It seems they're making an effort that you're going to be able to see your relative. I don't wish to sound overly harsh but I think your being rather churlish. They're trying to make an exemption for you in the middle of a pandemic where rules are usually very strict and not changeable. And now you're getting upset that the two people involved in sorting this out for you are contacting each other. I think you should be a little more appreciative that they're helping you spend time with your relative to be honest and stop chucking it back in their face!

Smallsteps88 · 07/10/2020 10:10

Are you generally quite paranoid OP? This isn’t a normal reaction to what what’s happened here. In fact I would go as far as to say nothing has actually happened.

CloudPop · 07/10/2020 10:25

GDPR must be the most misunderstood and misinterpreted piece of legislation in history.

JenSays · 07/10/2020 11:22

[quote covidmania13]@Smallsteps88

I do not know why she was trying to get hold of my GP because it was never discussed with me. I am assuming she wanted more information about my medical condition. I do not know if she was trying to share anything, I only know that my permission was not sought for her to have any conversation about me. I could have given her further information if she needed clarification on anything. At best it would have been polite to discuss tht she was calling my GP and why. I am going to check for sure tomorrow as this is not as straightforward as it seems
.[/quote]
She doesn’t need your permission to correspond with a GP who contacted her.

The GP holds your data. In agreement with you, they shared it with a third party at your request to support a process you wanted.

The nursing home has done nothing wrong here.

It sounds like you’re having a very tough time with your health and the wellbeing of a loved one and I’m really sorry to hear it. That takes a huge emotional toll.

However, starting a row with the nursing home on what you incorrectly think is a GDPR issue is going to get you nowhere, and will probably make the nursing home less likely to try and accommodate you for fear they’ll be tied up in knots at every step.

LadyCatStark · 07/10/2020 11:42

No because no personal data has been mishandled. If your GP had spoken to them and given out personal data, your GP would have been at fault.

StatisticalSense · 07/10/2020 11:42

Definitely no GDPR breach. It may have been as simple as the manager wanting to confirm that the letter was actually from the GP and not a faked letter coming from a relative that is desperate to visit. Care home managers need to take Covid seriously and will therefore be double checking literally everything before permitting visitors especially if the general advice in their area is not to do so.

Southernc0mfortmirror · 07/10/2020 11:47

Maybe they weren’t trying to get your information at all, but to verify it was the GP who sent the letter?

New posts on this thread. Refresh page