European Data Protection Digest

Receptionist Poses as Hospital Employee, Breaches Act

DATA LOSS—UK

December 23, 2011

A receptionist has been found guilty of breaching the Data Protection Act after she looked at details of her sister-in-law's medical records. Usha Pawal has been given a two-year conditional discharge and must pay prosecution costs after posing as a hospital employee to request that the records be faxed to the medical center where she was employed. "Medical records contain some of the most sensitive information possible," said UK Information Commissioner Christopher Graham. "The medical centre's receptionist was in a position of trust and abused her position for her own personal gain. This case demonstrates just how easy it can be to misuse personal data."
Full Story