Nursing home likely to face significant fine and claims for compensation following data breach
A nursing home in Eastbourne is facing investigation after it was reported that documents detailing personal information of its disabled residents were found in the street.
Posted on 20 March 2020
The Disability News Service reported that a four-page document was found that details the names and medical details of all 36 residents and Manor Hall in Eastbourne, including extremely sensitive data such as health conditions, mobility and personal care needs and end-of-life choices.
The document was reportedly found by a member of the public next to a bin that had been knocked over. It was passed on the local MP and has been reported to the care home, East Sussex County Council and the Information Commissioner’s Office (ICO).
A spokesperson Manor Hall told the Disability News Service that it was investigating what had happened, and that the matter had been passed to the council’s safeguarding team.
Solicitor Sean Humber, who specialises in data rights issues at law firm Leigh Day, said:
“I have acted in a range of different cases involving the disclosure, either deliberately or more usually in error, of people’s medical information without their knowledge or consent.
“This is a very serious data breach both in terms of the number of people affected and the very sensitive nature of the personal information involved. Indeed, it is hard to think of anything more personal to someone than details of their end-of-life choices.
“It is entirely appropriate that the matter has been reported to the Information Commissioner’s Office (ICO), the independent regulatory body in charge of upholding information rights in the interest of the public.
“It seems very likely to me that, following an investigation by the ICO, the nursing home will end up facing a significant fine for failing to keep their residents’ personal details secure.
“In addition, and separate to any fine they may face, all those whose personal details are included on the list are likely to have very strong claims for compensation against the nursing home for breach of the GDPR/Data Protection Act 2018 and misuse of their private information.
“Given the sensitivity of the information disclosed, the compensation could be considerable.”
The data safety team at Leigh Day, led by Sean Humber and Gene Matthews, are investigating potential legal claims relating to a number of data breaches by other healthcare providers and large businesses. These the include potential actions against the Charing Cross Gender Identity Clinic which mistakenly revealed the identities of almost two thousand of its patients in September 2019 and against Virgin Media which revealed earlier this month that the personal details of 900,000 customers and potential customers had been accessed without permission.
If you, or a member of your family, has been affected by this data breach and you wish to discuss the matter further, in confidence and without obligation, please contact Sean Humber by email at shumber@leighday.co.uk or by telephone on 020 7650 1200.