Cambridge University Hospitals NHS Foundation Trust in Cambridge, UK, has apologised after two patient data breaches compromised the private information of 22,446 of its maternity care and cancer patients.
According to the trust, the data was mistakenly released during responses to Freedom of Information (FOI) requests.
The compromised data included the names, hospital numbers and some medical information of patients, but did not expose their home addresses or birth dates.
The trust said there was no evidence of the breached data being further accessed or shared.
The first case involved a leak of maternity patients' data, which was offered in a FOI request through the website What Do They Know.
This breach exposed the names, birth outcomes and hospital numbers of 22,073 maternity care patients at The Rosie Hospital from 2 January 2016 to 31 December 2019.
Cambridge University Hospitals NHS Foundation Trust said it was informed of the leak by What Do They Know, who promptly deleted the data from its website.
A subsequent review by the Trust uncovered another breach, which compromised the information of 373 cancer patients participating in clinical trials at the hospital.
In this case, the data was given as part of a FOI response to Wilmington, who has confirmed that the information has been removed.
Cambridge University Hospitals NHS Foundation Trust CEO Roland Sinker said: “While there is no evidence in either case of the information being accessed or shared beyond the original recipients, we recognise that such errors are unacceptable given our clear duty to maintain the confidentiality of patient information.
“We want to apologise unreservedly to our patients for the worry and concern that this news may cause.”
The trust said it had notified the Information Commissioner’s Office about the breaches, taken immediate measures to improve FOI processes and set up a freephone helpline to answer any queries from the patients.