South East Coast Ambulance sees massive data breach
10:04, 15 July 2020
updated: 10:39, 15 July 2020
The South East Coast Ambulance Service has experienced a massive data breach and has referred itself to a privacy watchdog.
In May, the personal and medical details of all ambulance staff could have been seen by employees outside of senior management.
An internal memo revealed that a server containing details of sick leave - including operations and mental and physical health issues - was for 10 days accessible to seven people who were not managers.
The provider notified the Information Commissioner’s Office, which is responsible for maintaining privacy rules over public information.
The issue was fixed and internal inquiries made to ensure no one had accessed the information.
A spokesman said: "We take information governance extremely seriously and took steps to address this issue when it was discovered.
"This was an isolated incident which occurred while an update was taking place to our systems and which resulted in the usual restricted access controls in place being unknowingly lifted.
"An investigation took place and it was established that during a 10-day period in May 2020 there were a small number of individuals within the Trust who could have potentially accessed personal information.
"These individuals were contacted and all, bar one, were unaware of this potential access. The remaining individual had already alerted the department involved when they became aware.
"There is no evidence that any staff details were inappropriately accessed. However, we decided to write to all staff who could have potentially been affected in the interests of transparency. We also reported the issue to the Information Commissioner's Office for the same reason.
"We are sorry for any distress this may have caused members of staff and would like to assure them that the issue has been resolved."