Over 22,000 Cambridge University Hospitals NHS Foundation Trust patients were affected by two separate data breaches due to Freedom of Information request responses. Most of the affected patients (22,073) were maternity patients, with their names, hospital numbers, and medical information like birth outcomes and conception dates being exposed. The data was available on WhatDoTheyKnow between 18 November 2020 and 1 November 2023, but it was promptly removed upon discovery. NHS England's national cybersecurity team helped the Trust ensure that the data was not available anywhere else on the internet.
During a subsequent audit of all FOI responses issued over the past 10 years, the Trust found one additional breach in which the data of 373 cancer patients in clinical trials was exposed to a private company. The Trust has asked the company to delete the data. There is no evidence that the information from either incident was accessed or shared beyond the original recipients.
What is this page?
You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.
The Privacy Newsfeed monitors over 300 global publications, of which more than 5,750 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.