NHS Lanarkshire has been rapped over unauthorised sharing of patients’ information on WhatsApp.
Personal data was shared more than 500 times in a group chat that included phone numbers, addresses, images, videos and screenshots, the Information Commissioner’s Office (ICO) revealed yesterday.
An investigation found that 26 workers used the network to communicate between April 2020 and 2022, with a non-staff member even added to the group in error, resulting in the inappropriate disclosure of personal information.
The decision to use the chat was not sanctioned by NHS bosses, who reported it to watchdogs when it was discovered.
READ MORE: Dad raging at Glasgow GP practice after spotting blood in baby’s nappy
In a statement issued on Monday afternoon the ICO explained the group was set up at the start of the pandemic to communicate basic information.
John Edwards, UK Information Commissioner, said: “Patient data is highly sensitive information that must be handled carefully and securely. When accessing healthcare and other vital services, people need to trust that their data is in safe hands.
“We appreciate that NHS Lanarkshire, like all healthcare providers, was under huge pressure during the pandemic but there is no excuse for letting data protection standards slip.
“Every healthcare organisation should look at this case as a lesson learned and consider their own policies when it comes to both messaging apps and processing information about patients. We will be following up with NHS Lanarkshire to ensure that patient data is not compromised again.”
Sign up to our daily Glasgow Live newsletter here to receive news and features direct to your inbox.