Ask Runable forDesign-Driven General AI AgentTry Runable For Free
Runable
Back to Blog
Technology6 min read

NHS staff caught snooping on patient records now risk prison as sweeping crackdown exposes shocking privacy failures across Britain's healthcare system | TechRadar

You could move from a medical practitioner to an ex-convict just for looking at patients' records Discover insights about nhs staff caught snooping on patient r

TechnologyInnovationBest PracticesGuideTutorial
NHS staff caught snooping on patient records now risk prison as sweeping crackdown exposes shocking privacy failures across Britain's healthcare system | TechRadar
Listen to Article
0:00
0:00
0:00

NHS staff caught snooping on patient records now risk prison as sweeping crackdown exposes shocking privacy failures across Britain's healthcare system | Tech Radar

Overview

News, deals, reviews, guides and more on the newest computing gadgets

Start exploring exclusive deals, expert advice and more

Details

Unlock and manage exclusive Techradar member rewards.

Unlock instant access to exclusive member features.

Get full access to premium articles, exclusive features and a growing list of member rewards.

World's largest health organization threatens to jail or fire staff reading patient data 'without legal justification

You could move from a medical practitioner to an ex-convict just for looking at patients' records

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Jail time now joins dismissal for unlawful access to confidential medical records

High-profile crime victims' records triggered tougher NHS privacy enforcement nationwide

The initiative includes screensavers and posters across NHS organisations reminding workers not to let curiosity override professional and legal boundaries.

Staff who breach these confidentiality rules risk disciplinary action, dismissal, regulatory referral, or even imprisonment under existing data protection legislation.

The campaign follows several recent dismissals linked to staff who unlawfully viewed records connected to victims of high-profile crimes nationwide.

NHS England specifically cited unlawful access incidents involving the 2023 Nottingham attacks and the 2024 Southport knife attack, both of which drew significant national attention.

Palantir's 'unlimited access' to patient data — everything you need to know about the US tech giant's controversial £330 million contract with the NHS

Palantir contractors working for NHS to receive ‘unlimited access’ to patient data

NYC Health + Hospitals data breach sees personal data of around 1.8 million people stolen

“Patients must be able to trust that their personal information is kept confidential by the NHS – any instance of staff looking at records without a valid reason is wholly unacceptable, a disgraceful breach of patients’ trust and against the law,” said Sir Jim Mackey, NHS Chief Executive.

He added that most staff manage patient information appropriately, although a limited group has seriously damaged that confidence through inappropriate access.

New guidance has now been issued outlining different categories of unlawful access, alongside advice on monitoring and conducting regular audits.

Some newer electronic patient record systems can reportedly flag suspicious activity in real time, helping organisations identify unauthorised access quickly.

Breaches can be reported to both the Information Commissioner's Office (ICO) and police, who may pursue criminal prosecution under the Data Protection Act 2018.

Health data from UK Biobank spotted for sale in China – Government confirms medical info from 500,000 participants involved

How technology delays are affecting NHS staff productivity and patient services today

Healthcare cyber risk grows as visibility gaps expose third-party threats

The ICO reiterated the expectations of patients and staff, as well as the consequences of this illegal action.

“When people seek medical care, they share some of their most sensitive personal information in the trust that it will be kept safe,” said Paul Arnold, Chief Executive of the ICO.

“Unauthorised access to those records is not just a breach of data protection law — it is a betrayal of that trust, with real and lasting consequences for patients and their families…Staff who breach that trust face serious consequences: loss of employment, removal of professional accreditation and criminal prosecution.”

The temptation to access patient records unlawfully often increases when cases attract widespread public attention.

"When a local incident becomes national news – a serious crime, a public tragedy, a story that captures widespread attention – there is an increased risk that healthcare staff could be tempted to look at records they have no reason to view," Arnold added.

“Anyone considering accessing records for personal reasons or out of curiosity should be in no doubt they could be putting their career at risk, and may face disciplinary action, dismissal, referral to the regulator or even time in prison,” said Sir Jim Mackey.

Findings show that 18 staff members at York and Scarborough Teaching Hospitals wrongfully accessed patient records since 2021.

Eight of those 18 cases were subsequently referred onward to the ICO for further formal investigation.

Another investigation began after up to 40 staff members reportedly accessed the medical records of a three-year-old boy injured in a crocodile enclosure incident near Huntingdon.

Cambridge University Hospitals said restrictions had already been placed on the child's records and confirmed any staff lacking legitimate clinical or operational reasons would face disciplinary action, including dismissal.

Offences under the Data Protection Act 2018 and Computer Misuse Act 1990 can carry fines and prison sentences for those convicted.

The scale of these repeated incidents suggests that existing safeguards have not consistently deterred staff from unlawfully viewing sensitive records.

“Having the ability to view a record is not the same as having a legitimate need to do so. Every member of staff has a personal responsibility to respect that boundary…” Arnold added.

Follow Tech Radar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Efosa has been writing about technology for over 7 years, initially driven by curiosity but now fueled by a strong passion for the field. He holds both a Master's and a Ph D in sciences, which provided him with a solid foundation in analytical thinking.

You must confirm your public display name before commenting

1 World's largest health organization threatens to jail or fire staff reading patient data 'without legal justification

2A mosquito-hunting killer drone is available for preorder – and I have questions

3 Heading to a festival? These are the best power packs to keep your devices juiced up

4 Netflix viewers are abandoning shows after their first season — here's why

5 More and more US employees back forcing AI companies to transfer half of their stock into a public wealth fund

Tech Radar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.

© Future US, Inc. Full 7th Floor, 130 West 42nd Street, New York, NY 10036.

Key Takeaways

  • News, deals, reviews, guides and more on the newest computing gadgets
  • Start exploring exclusive deals, expert advice and more
  • Unlock and manage exclusive Techradar member rewards
  • Unlock instant access to exclusive member features
  • Get full access to premium articles, exclusive features and a growing list of member rewards

Cut Costs with Runable

Cost savings are based on average monthly price per user for each app.

Which apps do you use?

Apps to replace

ChatGPTChatGPT
$20 / month
LovableLovable
$25 / month
Gamma AIGamma AI
$25 / month
HiggsFieldHiggsField
$49 / month
Leonardo AILeonardo AI
$12 / month
TOTAL$131 / month

Runable price = $9 / month

Saves $122 / month

Runable can save upto $1464 per year compared to the non-enterprise price of your apps.