Patient email addresses in hospital data breach

Staff will receive additional training as a result, bosses at Derriford Hospital have said
- Published
Hospital bosses have apologised following a data breach which exposed dozens of patients' email addresses.
The deputy chief executive of University Hospitals Plymouth, which runs Derriford Hospital, said there had been a "genuine error" when sending a complaints survey.
Sarah Brampton said the recipients' email addresses were not blind copied, which meant the addresses were "inadvertently visible" to all 31 people the survey was sent to.
Barrie Skinnard, who was one of the people whose emails was affected, said he wanted to "make sure it doesn't happen again".
The 62-year-old from Plymouth had attended an appointment at Derriford Hospital with his wife on 8 September.
Due to what he said were long waiting times, Mr Skinnard returned home and complained to the hospital.
He then received a complaints survey with 30 other people copied in.
Mr Skinnard said he was worried "something bad" could happen such as identity theft.
"Now people have my email," Mr Skinnard said.
"I just want to make sure it doesn't happen again."
Staff to receive training
Ms Brampton said the breach had been reported to the Information Commissioner's Office.
"This was a genuine error and it was reported immediately as a data protection incident," Ms Brampton said.
"All affected individuals have been informed of the breach and we have offered our apologies for any concern it may have caused."
She added staff would receive support and training to "strengthen" internal processes.
"Safeguarding the confidentiality and trust of those who use our services remains an absolute priority," she added.
Follow BBC Cornwall on X, external, Facebook, external and Instagram, external. Follow BBC Devon on X, external, Facebook, external and Instagram, external. Send your story ideas to spotlight@bbc.co.uk, external.