A health clinic that mistakenly revealed the identity of HIV-positive patients in a group email has been fined by the UK’s data watchdog. The Bloomsbury Patient Network provides information and support for people who are HIV-positive. But twice in 2014, staff emailed up to 200 members at a time without obscuring other patients’ email addresses.
The Information Commissioner’s Office (ICO) recognised the valuable work done by the Clinic, and said it had levied a fine that would not cause “financial hardship”.
Another HIV support group, 56 Dean Street, in London, made the same mistake with an email sent in September 2015. It exposed the names and email addresses of 780 people when a newsletter was issued.
“No matter how big or small an organisation is, when dealing with sensitive information, policy, procedure, training, and supervision must be in place to reduce the probability of human error occurring,” said Shaun Griffin, executive director of external affairs for Terrence Higgins Trust, an HIV charity which was not implicated in the ICO ruling. “Incidences such as these are rare, and should not put anybody off getting a test for HIV. ”
The full article can be read here.