Hospital sends sensitive patient letters to man awaiting treatment instead of doctors
Sensitive medical letters for 11 patients have been accidentally sent to a man awaiting an update on his own treatment.
The letters from Shrewsbury & Telford Hospital NHS (SaTH) were all contained in one envelope.
They appear to be intended for one medical practice in Telford, but were instead sent to a man at a private address who was receiving information from the hospital about his own situation.
The letters are from the trauma and orthopaedic department of the hospital, and were all addressed to doctors at the Telford practice – detailing updates on conditions and treatment for individual patients who had been referred to the hospital.
The hospital trust is expected to carry out an investigation to find out what happened and how the letters were sent to the wrong address.
It is possible that the situation could be a breach of General Data Protection Regulation rules.
The partner of the person who the envelope was addressed to said they were shocked to discover the contents – and had contacted the hospital to tell them what had happened.
The woman, who did not want to be named, said she was concerned that the mistake would see people missing out on important updates on their healthcare.
She said she wanted to make sure it did not happen again and that the matter was investigated.
She said: "When I was opening it I thought 'this is really thick'."
She added: "We were really shocked. It is quite alarming and obviously the people due to get these letters were not going to get them. It is just a bit of a shambles.
"I am concerned that the same thing could happen with a letter for my partner."
Richard Steyn, Medical Director for Strategy and Partnerships and Caldicott Guardian at the Shrewsbury and Telford Hospital NHS Trust (SaTH), said: “Thank you for bringing this issue to our attention. We take our responsibility to maintain the confidentiality of patients, staff and others very seriously.
"In the rare circumstances where a data breach is identified, we undertake a full investigation, contact those who may be affected, and do all that we can to learn how to prevent the matter happening in future.”