Call FREE Request Call Back
Medical Negligence Solicitors

Have Your Medical Records Been Spied On?

Public bodies and organisations have a duty to store the sensitive data they hold securely and responsibly. If you have fallen victim to a breach of confidentiality by a medical professional and have suffered financially or emotionally you may be entitled to make a data protection breach claim.


reviews on
Company Logo

You could be entitled to medical data breach compensation

When you visit your local GP surgery, dental practice, hospital or other medical facility, you expect that your personal details and health records will be updated and stored safely. While there are certain cases where it is acceptable for members of different medical departments to be granted permission to access your files as part of your treatment, typically this information is on a need-to-know basis and must not be used in ways you have not permitted.

However, there are instances where, despite being regulated by GDPR and the Data Protection Act 2018, some medical facilities fail to properly protect your personal data. This is where your personal data gets into the wrong hands or is seen by the wrong people. It may be a data breach after medical records were lost, or it could have happened as part of a malicious act or by a hacker.

Whatever happened, if there has been a data protection breach and your medical records have been accessed by an unauthorised individual, you may have grounds to claim for lost medical records or medical data breach compensation. Here at Been Let Down, we have a team of legal experts who may be able to help with your case.

What is a data protection breach?

When you speak to one of our solicitors about the lost medical records or the medical data breach that you have experienced, you will be told what a breach is and the regulations that protect you in these circumstances.

Data protection is the process put in place to safeguard private or important details, such as your medical records, from corruption or loss. A personal data breach is a security breach that results in personally identifiable information being lost, destroyed, altered or accessed in ways you have not authorised.

Whether this was a deliberate, accidental or illegal act does not matter. You can still go on to make a compensation claim for the damage the medical records data breach has caused you.

There are laws and policies that make it illegal to share certain information about people without their knowledge or their permission. These include the Data Protection Act 2018 and GDPR, which are legislation that make it possible for the Information Commissioner’s Office (ICO) to fine organisations who breach data rules.

Since Brexit, the EU GDPR regulation no longer applies to the UK. However, the GDPR has been incorporated into UK data protection law. This means that the principles, rights and obligations in the EU version are very similar to the UK version that we now follow. Additionally, the Data Protection Act 2018 still applies, with some amendments so that it works in a UK-only framework.

What could be the impact of a medical records data breach?

Whether you are claiming because of lost medical records or want compensation for another type of medical data breach in the UK, it is likely you are experiencing the emotional fallout of what has happened. It can be common for claimants in this type of case to be angry, stressed and anxious about the sensitive personal information that could have fallen into the wrong hands.

If you are feeling these emotions, you may find that your personal and work life are suffering. As well as the impact on your own well-being, it can affect those around you. In turn, this can damage relationships with loved ones and colleagues, and affect your productivity levels at work.

As a medical records data breach is likely to contain your personal details as well as your medical information, there is a risk that your data could be used by criminals to apply for credit cards or to get into your bank accounts. This can have a serious impact on your financial well-being and lead to you feeling more stressed.

If your medical data has been lost or stolen, speak to the team here at Been Let Down as soon as you feel able.

What are the types of medical records data breaches?

There are several examples of medical data breaches that mean personal data has fallen into the wrong hands or been seen by someone it should not have:

  • A copy of your medical records, or part of your records, have been sent to the wrong address or wrong person
  • Non-medical staff read your records because a computer terminal was left unlocked
  • NHS staff accessed your medical records when there was no medical reason for them to do so
  • A letter about your medical care was emailed or posted to the wrong address
  • Documentation containing information that identifies you was not disposed of securely
  • The medical computer system was hacked or infected with malware, spyware or ransomware
  • Your prescription was given to the wrong patient and your personal details were identifiable. For example, the other patient could see your home address
  • A medical organisation used data containing your information in a trial and you were never asked for permission for them to do this

These are just some of the medical data breach incidents that might apply to your case. If you suspect your information has been lost, stolen or given to the wrong people and you have suffered as a result, get in touch. We are experienced in handling claims for medical data breach compensation and will help you through the process.

Who can I claim against?

According to the GDPR, the organisation that is holding your personal information is the data controller. The data controller explains why your data is needed and how it will be processed. The ICO will investigate the data controller in charge of your medical data in the event of a breach.

In the case of medical records data breaches, the data controller can be your GP surgery, pharmacy, dental surgery, hospital or hospital trust. It can also be individual members of staff, private healthcare providers or companies, and opticians.

When you speak to us about your claim, we will establish who you will be claiming against.

How do I make a claim?

If you think you have fallen victim to a breach of data protection and your medical records have been accessed by the wrong people, stolen or lost, speak to a specialist data protection solicitor. Been Let Down has an extensive track record of successful legal representation in the field of data protection and media-related claims. Our experienced legal team can provide a diligent and highly competent approach in representing your claim.

For a confidential and free conversation with a legal expert in this field, without obligation, get in touch with Been Let Down today. Contact us through our online claim form or by calling us on 0800 234 3234. You will then be contacted by a member of our specialist medical negligence team.

During your initial call, we will find out what happened. Make sure you have as much information to hand as possible so that our experts can assess your claim. You will be asked questions about the breach and we will work with you to find out the best course for seeking lost medical records or medical data breach compensation.

We will tell you how much their services will be and how much you will be likely to receive if your compensation claim is successful. We will also advise you if we can take your case on a No Win No Fee basis. Should we not think that we can take your data breach claim forward, we will let you know straight away.

However, most people who come to us about a medical data breach have a valid claim that we believe can succeed. We will work with you during that initial call and let you know what happens next. We guarantee our expert legal team will support you every step of the way on your journey to justice and compensation.

Are there time limits?

As with all types of compensation claims, there are time limits to be aware of. Typically, data breach claims need to be submitted within six years from when the breach took place.

We always recommend that clients speak to us as soon as they can after they discovered the medical records breach. This is because you are more likely to have documentation that can be used as evidence in your case.

Why choose Been Let Down?

We are leading medical data breach solicitors for the UK, providing the very best legal advice and representation for claimants across England and Wales.

Here are some reasons why we are a good choice:

  • Fully accredited

We are authorised and regulated by the Solicitors Regulation Authority (SRA). The SRA set the professional standards that solicitors need to adhere to in England and Wales.

  • We’re experts in our field

Our expert team is skilled in handling a range of claims and can help with different types of medical records data breaches.

  • A proven record of success

We are successful. So, if we think your case could have the potential to win, it probably will.

  • Supporting you at all times

We know you have been through a lot and pride ourselves on offering a supportive service. We will guide you through every stage of the claims process with care.

If you think you have grounds for a claim, speak to us today. Our initial conversations are provided free of charge and you are at no obligation to pursue a claim. Even if you are unsure about whether you could have a case, it is worth speaking to us to explore your options.

Contact us today

Get in touch now and find out how we can help with your case if your medical records have been spied on. We will help you secure the medical data breach compensation you are entitled to.

Call us on 0800 234 3234 or contact us and a member of our legal team will call you back.

Contact us today

"*" indicates required fields


Bond Turner Tracking

This field is for validation purposes and should be left unchanged.