Skip to main content
Advertisement

Southport Attack Victims’ Records Accessed Inappropriately by Ambulance Staff

An NHS ambulance trust investigates claims staff improperly accessed medical records of Southport attack victims, prompting calls for a full review of data breach policies.

·6 min read
Bunches of flowers and teddies lined up against a wall next to a road sign reading Tithebarn Road.

Investigation into Ambulance Staff Accessing Victims' Records

Victims injured during a children's dance class attack in Southport's Hart Street in July 2024 have been at the center of a new investigation. An NHS ambulance trust is examining allegations that its staff improperly accessed the medical records of those affected by the Southport attack.

The father of one of the young girls seriously injured in the July 2024 incident expressed his shock and condemnation over the possibility, accusing North West Ambulance Service (NWAS) staff of acting out of "morbid curiosity." This follows revelations in May that dozens of employees at Aintree Hospital, where some victims were treated, had viewed patient records without justification.

NWAS chief executive Salman Desai stated:

"We have identified concerns about potential inappropriate access to patient records and are formally investigating the matter."

During the attack, three young girls—Alice da Silva Aguiar, Bebe King, and Elsie Dot Stancombe—were murdered, and ten others sustained physical injuries.

The father of a 13-year-old girl who survived the attack but was seriously injured said:

"It is a complete breach of trust in our darkest hours as a family and dampens how you feel about the amazing work they do to save lives.
It was already incredibly difficult to think that staff at Aintree hospital had needlessly pried into our daughter's condition."

Due to an anonymity order protecting his daughter, who had been assisting in supervising the dance class before she was stabbed in the back and arm, the man cannot be identified.

Solicitors representing the girl and 21 other survivors of the attack are demanding a comprehensive review by NHS England of the guidance and disciplinary procedures concerning inappropriate access to patient data by staff.

This demand follows NHS University Hospitals of Liverpool Group (UHLG) admitting in May that nearly 50 staff members at Aintree Hospital had improperly accessed medical records of some injured victims shortly after the attack.

Fletchers Solicitors, investigating this breach, reported that while reviewing documents provided by UHLG, they discovered indications that North West Ambulance Service staff might also have accessed their client’s records without valid cause.

Multiple Instances of Unauthorized Access

The solicitors noted a document suggesting that fewer than 10 individuals within the ambulance service may have accessed the incident records inappropriately.

The father commented on the discovery:

"After learning about the Aintree incident, to then learn that ambulance staff have done the same and we have only found out by raking through these documents is appalling."

He added that the NHS trusts have yet to confirm whether photographs of their daughter's injuries were viewed by staff, leaving them uncertain about what information has been accessed.

Advertisement
"The decision to share what happened to her should have been our daughter's to make, now nobody can guarantee what data was shared and retained," he said.
"They've had multiple chances to tell us about this but instead we have been left to discover it all two years later, when we should be focusing on recovering and moving forward."

Fletchers Solicitors also stated that while the ambulance trust is not formally disciplining staff involved, it has strengthened its human resources procedures for handling future incidents.

Survivor Speaks Out on Data Breach

Leanne Lucas, the instructor at the Taylor Swift-themed dance event where the attack occurred and one of the three adult survivors, described herself as "devastated and horrified" by the latest potential data breach.

"Life has never been the same since 29 July 2024, and so many people are still living with the trauma of that day," she said.
"To now learn of another potential data breach is deeply upsetting, particularly after staff at NHS University Hospitals of Liverpool wrongly accessed my medical records. It feels like insult added to injury."
"I am now waiting to hear from the ambulance trust as to whether my records were accessed by staff there.
Whatever the outcome, I hope there is a thorough investigation, full transparency for everyone affected, and robust measures put in place to ensure this can never happen again."

Leanne Lucas, who has long wavy dark hair, and is wearing a white t-shirt with a circular logo with the catchphrase 'Let's Be Blunt' on the front. She is standing in a kitchen looking into the camera with a determined expression.
Image caption, Leanne Lucas was critically injured and required multiple surgeries after the attack

Concerns Over NHS Culture of Unauthorized Access

Nicola Ryan-Donnelly, associate solicitor at Fletchers Solicitors, commented on the broader implications:

"The recent string of patient data breaches has shown there is a deep-rooted culture of snooping within the NHS.
People who are seriously injured or dying should not have the added worry that they are being pried on, as they are rushed into hospital fighting for their lives.
We want to see a full review by NHS England of the current policy governing all NHS staff on inappropriate patient data breaches."

Salman Desai added:

"We will contact families and patients who may have been affected as our enquiries progress.
Any inappropriate access to patient information will be treated extremely seriously. We are deeply sorry for the concern and distress this may cause."

NWAS has informed the Information Commissioner's Office (ICO) about the investigation.

UHLG, which manages Aintree Hospital, previously described the breach there as "inexcusable" and stated that changes had been implemented, although no staff members were dismissed.

An ICO spokesperson said:

"NWAS had made us aware of their internal investigation into the potential inappropriate access of medical records by staff.
As this is ongoing, we will assess any evidence provided in due course and consider our next steps, including whether any criminal investigations need to be opened for breaking data protection law."
They added the ICO was supporting organisations to address the wider issue of data breaches across the health sector, working closely with the National Data and NHS England.

Other Recent NHS Data Breaches

There have been multiple recent incidents of NHS staff accessing medical records without valid reasons.

In June, Cambridge University Hospitals announced an investigation after around 40 staff members accessed the medical records of a three-year-old boy injured in a crocodile pit incident.

In May, Nottingham University Hospitals NHS Trust reported that 11 staff members were dismissed and 14 others faced disciplinary actions for inappropriately accessing medical records of victims of the Nottingham stabbing.

Contact and Engagement

Readers are encouraged to suggest stories for coverage on Merseyside.

Listeners can access the best of BBC Radio Merseyside on Sounds and follow BBC Merseyside on Facebook, X, and Instagram. Story ideas can also be sent via WhatsApp to 0808 100 2230.

This article was sourced from bbc

Advertisement

Related News