The NHS has paid out £1.5m in data breach claims. ‘Unauthorised access’ to personal data is the most prevalent breach in the UK’s health sector.
Greater Manchester Mental Health NHS Foundation Trust has forked out the fourth highest amount of all UK NHS Trusts for data breach claims in the last three years.
An investigation by Legal Expert has revealed a stark increase both in terms of human error and cyber-attacks throughout the NHS.
Overall, NHS Trusts have paid out more than £1.5million in data breach claims since 2021 amid a ‘worrying’ rise across the UK.
Data Breach specialist at LE, Eleanor Coleman says: “This rise in the health sector is worrying and we hope that organisations are ensuring that they have sufficient security in place to protect people’s personal information.”
The NHS is expected to collect, store, use, share and dispose of personal information or data about individuals, in line with the General Data Protection Regulation (GDPR) and the Data Protection Act (DPA).
Under data protection law, organisations must have appropriate technical and organisational systems in place to ensure personal data is kept safe and not inappropriately disclosed to others.
According to the ICO (Information Commissioner’s Office), data breaches within the health sector have risen by 21% between 2022 and 2023.
The most common of which are recorded as ‘unauthorised access’ – this is when an unauthorised individual has gained access to personal data and can include prohibited disclosures.
It describes instances where an individual has unlawfully accessed or disclosed information and where a third party has forcibly accessed a system.
Given the extremely sensitive nature of information health by the NHS, data breaches within its systems can have concerning impacts.
Most recently, South Tees Hospital NHS Foundation Trust was reprimanded for a “serious, harmful data breach” by the ICO which resulted in a disclosure containing sensitive information to an unauthorised family member.
Legal Expert conducted an investigation following an influx of enquiries about data breaches in the healthcare sector, particularly within the NHS.
Data obtained via a series of Freedom of Information Requests to every NHS Trust revealed a total of 897 data breach claims were lodged against NHS trusts between 2020-23.
During this time, 418 claims were closed with compensation payments. The total amount of damages paid by the NHS for these claims was £1,537,295.
Some 212 data breach claims were closed during this period with NIL damages paid out.
Legal Expert’s investigation reveals a total of 20 NHS Trusts paid out thousands in data breach compensation claims in the last three years.
Greater Manchester Mental Health NHS Trust paid out the fourth highest compensation of all UK trusts.
Between the financial years, 2020/21 and 2022/23, the trust had 5 claims lodged against it, all of which were made between 2022/23.
In the last three years, the trust settled 5 claims, paying out a total of £30,500.
Manchester University NHS Foundation Trust was also high on the list, paying the seventh highest amount out of all UK trusts.
The trust settled 8 data breach claims with a sum of £23,590.
Victims of a breach may be able to claim compensation providing a certain set of criteria is met.
Expert Eleanor Coleman says: “We have noticed an increase in data breaches generally over the last year, both in terms of human error and cyber-attacks.
“We understand that this is worrying and hope that organisations are ensuring that they have sufficient security in place to protect people’s personal information.
“In terms of compensation, this is dependent upon what has happened, the information which has been subject to the data breach and the distress it has caused. A lot of cases can be settled without the need to issue Court proceedings, but if this is necessary, then we would advise clients accordingly.”
Legal Expert has a team of experts on hand to offer free guidance and advice for anyone with concerns following a data breach.
They operate a 24-hour helpline and live chat service which you can access on their website.
news4trafford.co.uk 
