A WOMAN entered a Fife hospital ward without permission and left with paperwork containing personal information about 14 patients, a watchdog has found.
Purporting herself to be a member of agency nursing staff, she entered St Andrews Community Hospital on February 1 and was given a shift handover document containing details of 14 patients.
She left after being challenged by a member of the hospital's nursing team, but police have been unable to recover the document or identify the person.
READ MORE: Scotland weather: Met Office issues yellow warning for snow and ice
According to the Information Commissioner's Office (ICO), the investigation has been hindered by a hospital staff member accidentally switching off the CCTV.
The data protection watchdog has reprimanded NHS Fife after the incident at one of its hospitals in February.
The ICO said the unauthorised person gained access to the ward and then, “due to a lack of identification checks and formal processes”, they “assisted with administering care to one patient” and were handed a document containing the personal information of 14 people.
The ICO said: “The data was taken off site by the person and has not been recovered.
“While the hospital had CCTV installed, the wall socket with the CCTV had been accidentally turned off by a member of staff prior to the incident.
“The police have not been able to identify the person or recover the lost data, hindered by the lack of CCTV footage.”
The watchdog’s investigation found NHS Fife failed to have appropriate security measures for personal information, as well as low staff training rates.
Following the incident, NHS Fife introduced new measures including a sign in and out system for documents containing patient data, and updated identification processes.
Natasha Longson, ICO head of investigations, said: “Patient data is highly sensitive information and must be handled with the appropriate security.
READ MORE: Michael Shanks joins Labour front bench as shadow Scotland minister
“When accessing healthcare and other vital services, people need to trust that their data is secure and only available to authorised individuals.
“Every healthcare organisation should look at this case as a lesson learned and consider their own policies when it comes to security checks and authorised access.
“We are pleased to see NHS Fife has introduced new measures to prevent similar incidents from occurring in the future.”
READ MORE: Emergency services attend crane collapse at Edinburgh building site
An NHS Fife spokesperson said: “NHS Fife and Fife Health and Social Care Partnership, who operate the facility, immediately reported the incident to Police Scotland and also referred the incident to the Information Commissioners Office.
"The patients involved and their families were informed of this breach of security.
"We acknowledge the findings of the Information Commissioners Office, and have apologised to those involved."
The spokesperson also said that measures to prevent a repeat incident were quickly implemented, and that a working group had been convened to implement recommendations from the ICO and an internal review across the healthcare board.
A Police Scotland spokesperson said: "Around 3.40pm on Wednesday, 1 February, 2023, we received a report of a woman posing as a member of staff at St Andrews Community Hospital, St Andrews.
"Enquiries have been carried out and nobody has been arrested."
Why are you making commenting on The National only available to subscribers?
We know there are thousands of National readers who want to debate, argue and go back and forth in the comments section of our stories. We’ve got the most informed readers in Scotland, asking each other the big questions about the future of our country.
Unfortunately, though, these important debates are being spoiled by a vocal minority of trolls who aren’t really interested in the issues, try to derail the conversations, register under fake names, and post vile abuse.
So that’s why we’ve decided to make the ability to comment only available to our paying subscribers. That way, all the trolls who post abuse on our website will have to pay if they want to join the debate – and risk a permanent ban from the account that they subscribe with.
The conversation will go back to what it should be about – people who care passionately about the issues, but disagree constructively on what we should do about them. Let’s get that debate started!
Callum Baird, Editor of The National
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here