A Trust has been fined £180,000 after the 56 Dean Street clinic in London's Soho mistakenly revealed the email addresses of more than 700 people who used an HIV service.
The organisation, which is part of the Chelsea and Westminster Hospital NHS Foundation Trust, sent out a newsletter last year to patients on a group email, rather than to individuals, which meant that patients who had attended clinics were able to read the names and email addresses of other patients.
The Information Commissioner, Christopher Graham, commented: “The Trust was quick to apologise for their mistake and has undertaken substantial remedial work since the breach. Nevertheless, it is crucial that the senior managers at NHS Trusts understand the requirements of data protection law, and the serious consequences that follow when that law is broken.”
