Obviously we never thought that we would be joining in with all of the media that has amassed after the announcement of the Duchess of Cambridge’s pregnancy. However the Duchess has found herself embroiled in a data protection scandal.
Extraordinarily, a prank call made by Australian 2Day FM radio presenters to King Edward VII Hospital enabled them to obtain intimate medical information about the health of Catherine. The presenters pretended to be the Queen, Prince Charles and, most bizarrely, corgis in order to attempt to get Catherine live on air. The transcript shows that, despite a very unconvincing performance by the presenters, a nurse gave private details of Catherine’s condition.
The hospital has stated that it “takes patient confidentiality extremely seriously” and that “we are now reviewing our telephone protocols.” The hospital may well talk about reviewing protocols, but the conversation clearly showed that there was absolutely no protocol involved at all. It is deeply concerning that if intimate details of the future Queen’s health can’t be kept secure there is little hope for the rest of us.
With more and more of our medical records being online, what is to stop a similar occurrence from happening to someone else? For instance, how easy would it be for me to phone one hospital claiming to be a doctor from another hospital whose database has crashed and needs to access some details about a patient? The Department for Health may state that they have procedures in place to ensure that medical staff don’t breach data protection, but this case has shown that even with the most high profile of patients mistakes can be made.
I am sure that the Information Commissioner’s Office will take an interest in this high profile data breach and it will be interesting to see whether the hospital is reprimanded for breaching the Data Protection Act.