HIV data incident NHS Highland

Scottish Labour’s Shadow Health Minister, MSP David Stewart, asked Nicola Sturgeon about the incident where the email addresses of almost 40 people living with HIV were accidentally made public by NHS Highland.

Mr Stewart, who represents the Highlands and Islands, raised the issue at First Minister’s Questions today.

He said: “The First Minister will be well aware of an alleged data breach by NHS Highland which exposed confidential names and email addresses of 37 people living with HIV.

“Whilst I welcome the apology by the board, does the First Minister share my view that confidentiality is a core principle of the NHS and the decision to disclose HIV status is a matter for individuals themselves and theirs alone.”

Nicola Sturgeon agreed very strongly saying that the safety of patient data was of “the utmost importance”.

She added that the breach was reported to Information Commissioner within 24 hours. NHS Highland had taken steps to apologise to patients, respond directly to any concerns and a formal internal review was being carried out. The First Minister admitted that “clearly there have been failings”.

Afterwards Mr Stewart added that he had written to NHS Highland’s Chief Executive, Iain Stewart, to ask that he be kept informed of the outcome of the internal review and the findings of the Information Commissioner.

“Keeping patients’ data confidential is essential for everyone and I hope lessons can be learned as a result of this breach,” said the MSP.
“HIV is a very sensitive subject for those with the virus and I am told this breach has caused some distress.”