Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner. Facebook Messenger An icon of the facebook messenger app logo. Facebook An icon of a facebook f logo. Facebook Messenger An icon of the Twitter app logo. LinkedIn An icon of the LinkedIn logo. WhatsApp Messenger An icon of the Whatsapp messenger app logo. Email An icon of an mail envelope. Copy link A decentered black square over a white square.
Home News Fife

Unauthorised person gave care to Fife hospital patient before stealing people’s personal details

The unidentified person has never been found due to a CCTV blunder.

By Chloe Burrell
NHS Fife has been reprimanded after allowing an "unauthorised" person in a hospital.
NHS Fife has been reprimanded after allowing an "unauthorised" person in a hospital. Image: Kim Cessford/DC Thomson

NHS Fife has been rapped after an “unauthorised” person wandered into a hospital ward, gave care to a patient and then made off with more than a dozen people’s personal details.

The woman was able to gain access to a ward at St Andrews Community Hospital in February.

A report from the Information Commissioner’s Office (ICO) found she did not undergo an identity check.

As a result, she was able to assist in giving care to one patient.

The woman was also handed a document containing the personal information of 14 people – which has never been tracked down.

Data taken from NHS Fife hospital not recovered after CCTV blunder

A statement from the ICO said: “The data was taken off-site by the person and has not been recovered.

“While the hospital had CCTV installed, the wall socket with the CCTV had been accidentally turned off by a member of staff prior to the incident.

“The police have not been able to identify the person or recover the lost data, hindered by the lack of CCTV footage.”

The nature of the care given to the patient, and the type of information taken, has not been revealed.

The watchdog concluded that NHS Fife did not have “appropriate security measures” in place for personal information, and there was also a lack of staff training.

The ICO says since the incident, NHS Fife has introduced a system for documents containing patient data to be signed in and out, as well as an updated identification process.

Other hospitals are now being urged to improve their standards of data protection.

‘People need to trust that their data is secure’

Natasha Longson, head of investigations for the ICO, said: “Patient data is highly sensitive information and must be handled with the appropriate security.

“When accessing healthcare and other vital services, people need to trust that their data is secure and only available to authorised individuals.

“Every healthcare organisation should look at this case as a lesson learned and consider their own policies when it comes to security checks and authorised access.

“We are pleased to see NHS Fife has introduced new measures to prevent similar incidents from occurring in the future.”

ICO makes recommendations to NHS Fife after ‘unauthorised person’ breach

As part of its reprimand, the ICO has recommended that NHS Fife could improve its data protection compliance by:

  • Improving the overall training rate, in line with current legislation
  • Developing guidance or a policy in relation to formal ID verification
  • Reviewing all policies available from their intranet, ensuring that they are all up-to-date and accurate, with archived versions clearly marked
  • Revisiting the data breach reporting process and ensuring relevant personal data breaches are reported within 72 hours

A spokesperson for NHS Fife said: “Earlier this year an individual purporting to be a member of agency nursing staff attended St Andrews Community Hospital.

“The individual was only on a ward for a short period of time and left shortly after being challenged by a member of the nursing team.

“While the person was never alone with any patient, they did have access to a handover document containing information relating to patients on the ward.

“NHS Fife and Fife Health and Social Care Partnership, who operate the facility, immediately reported the incident to Police Scotland and also referred the incident to the Information Commissioner’s Office.

“The patients involved and their families were informed of this breach of security.

St Andrews Community Hospital. Image: Kris Miller/DC Thomson

“We acknowledge the findings of the Information Commissioner’s Office, and have apologised to those involved.

“A range of additional measures were put in place shortly after the incident to prevent such a matter from occurring again in future.

“We have since carried out a significant adverse event review and a working group has been established to implement the recommendations of both the information commissioner and the findings of our own review across the entirety of NHS Fife.”

A Police Scotland spokesperson said: “Around 3.40pm on Wednesday, 1 February, 2023, we received a report of a woman posing as a member of staff at St Andrews Community Hospital, St Andrews.

“Inquiries have been carried out and nobody has been arrested.”

Earlier this year, an independently run Newport GP practice referred itself to the ICO after a data breach involving patient invoices.

More from Fife

Dunfermline man Gareth Hempseed, 20, was killed in a crash in Linlithgow.
Dunfermline man, 20, killed in car crash
Queen Anne Street, Dunfermline.
Two teens charged after report of youths on a roof in Dunfermline city centre
An artist impression of the entrance to the proposed new crematorium building in Glenrothes. Image: Dignity Plc
Residents win fight against Glenrothes crematorium plan - but new site could be considered
Police on the A985 near Rosyth in Fife.
A985 near Rosyth closed in both directions due to motorbike and car crash
Location markers in place as film crews descends on Culross.
Film crews descend on Fife village as speculation grows over Outlander prequel
St Andrews University students enjoy the May Day dip.
Pictures as St Andrews students brave chilly and misty waters for annual May Day…
Kirkcaldy hit and run
Police hunt hit-and-run driver after Kirkcaldy crash
The Jigger Inn has reopened
First look inside famous Jigger Inn as St Andrews pub reopens after refurbishment
Owner of Cromars Fish and Chips Wendy Napthine-Frame.
'Scotland's first dog-friendly chip shop' in St Andrews launches dedicated menu for pooches
3
The Broughty Ferry lifeboat leaving for the scene on Wednesday. Image: DC Thomson
Helicopter and lifeboats called to search for missing person in St Andrews

Conversation