Previously we talked
about reputation management, and the importance of maintaining and safeguarding
your reputation. Not a long, an incident involving the leak of HIV patients’
identities caused an uproar in Britain. According to an article by Josh Halliday and
Jessica Elgot, the sexual health clinic has accidentally sent out a newsletter,
disclosing patient’s names and email addresses. This matter proves to be a
serious case of data breach.
From a Public Relations
viewpoint, what can we learn from this circumstance? When a data breach
happens, many factors could be the cause of it, including human mistakes. Here,
we can see how the 56 Dean Street clinic faces possible legal action taken
against them for the breach. Or worse, trust in the brand will falter and could
potentially be the downfall of one’s brand and company.
One of Britain’s
leading sexual health clinics has apologised after mistakenly revealing the
identities of hundreds of HIV-positive patients.
The 56 Dean Street
clinic in London sent a newsletter on Tuesday that disclosed the names and
email addresses of about 780 recipients.
The newsletter is
intended for people using its HIV and other sexual health services, and gives
details of treatments and support.
The clinic, which is
run by the Chelsea and Westminster NHS trust, apologised shortly after sending
the email and on Wednesday pledged to investigate how the breach occurred.
Britain’s data
protection watchdog is likely to launch an investigation into the privacy
breach, thought to be one of the biggest of its kind.
The newsletter was sent
to about 780 patients who have signed up to its Option E service, which lets
people book appointments and receive test results by email. Instead of hiding
the personal details of those on its recipient list, it included their full
names and email addresses.
One HIV patient whose
details were exposed by the email said the NHS now has “no way of controlling
who sees this information now and, in the wrong hands, this list could be
dynamite”.
He told the Guardian:
“I have been a patient at 56 Dean Street since moving to London five years ago
and I have always trusted them with my information. OptionE is a service set up
for patients who are stable and on long term HIV treatment. It is designed to
make life easier so your results, etc, are sent via email.
“I find it impossible
to believe that in this day and age this can happen. I was able to scroll down
the list and identify the names of a number of people who I knew, some of whom
I was unaware of their status.”
Elliot
Herman, 38, from London, said the email contained the names of friends who had
never disclosed their HIV status to him before.
“It’s not difficult to
put those names into Facebook and bring up their profiles and personal
details,” he said. “If my details were on that list I would feel angry and
disappointed at the clinic for having such a shit system that this can
happen.”
Within hours of the
breach, the clinic set up a helpline and sent patients an email apology from Dr
Alan McOwan, Chelsea and Westminster hospital NHS trust’s director for sexual
health.
It said: “I’m writing
to apologise to you. This morning at around 11.30am we sent you the latest
edition of OptionE newsletter.
This is normally sent
to individuals on an individual basis but unfortunately we sent out today’s
email to a group of email addresses. We apologise for this error.
“We recalled/deleted
the email as soon as we realised what had happened. If it is still in your
inbox please delete it immediately.
Taking preventative steps for the future
Clearly this is
completely unacceptable. We are urgently investigating how this has happened
and I promise you that we will take steps to ensure it never happens again. We
will send you the outcome of the investigation.”
A 56 Dean Street
spokesman said the breach was down to a “human mistake” and that the employee
responsible was distraught. The clinic later said that not all the recipients
of the email were necessarily HIV positive.
The Information
Commissioner’s Office (ICO) said it was aware of the incident and was making
inquiries. The privacy watchdog can levy fines of up to £500,000 for
significant data breaches.
Herman, whose friends’
HIV status was exposed in the email, has complained about the breach to the NHS
patient advice and liaison service.
“This is serious breach
of data protection. There are several names I recognise from the list, and
while I am of course being discreet, I am not sure I trust every other person
on the list to do the same,” he wrote in the complaint.
He added: “I feel bad
making this complaint, because I have a great deal of respect and admiration
for the excellent service provided by the clinic and my own doctor, Alan
McOwan, who has always provided superb clinical care. I have never had cause to
complain in the past. However, I feel this is important enough to bring to
official attention.”
56 Dean Street, based
in Soho, central London, bills itself as Europe’s busiest sexual health,
contraception and HIV care clinic. In 2011, the clinic set the world record for
the most HIV tests performed in one location, at G-A-Y bar in Soho on World
Aids Day.
Last year, it claimed
to be the first clinic in the world to have an on-site Infinity machine,
allowing it to give HIV test results within six hours.
No comments:
Post a Comment