Cambridge University Hospitals Refers Itself to ICO After Crocodile Attack Boy's Records Accessed

Cambridge University Hospitals NHS Foundation Trust has confirmed it referred itself to the Information Commissioner's Office (ICO) following an unauthorised access of a patient's medical records. The breach involved an employee at Addenbrooke's Hospital improperly viewing the medical file of a child who had sustained injuries in a crocodile attack.

The incident came to light after the child, a young boy, was admitted to Addenbrooke's for specialised care following the attack. Details surrounding the employee's motivation for accessing the confidential information have not been publicly disclosed.

The Trust issued a statement indicating that it takes such breaches with utmost seriousness and has initiated a thorough internal investigation. "We can confirm that we have referred ourselves to the ICO regarding a data breach," a spokesperson stated. "The Trust is undertaking a comprehensive investigation into how a member of staff inappropriately accessed a patient's records."

The ICO, the UK's independent authority established to uphold information rights, will now assess the specifics of the breach and determine whether further action is warranted against the Trust or the individual involved. Penalties for data protection breaches under the General Data Protection Regulation (GDPR) can be substantial, underscoring the gravity of unauthorised access to sensitive patient data.