Scottish doc swerves charges for snooping A Scottish doctor accused of illegally accessing celebrities' and politicians' medical records will not now be charged with any offences. Dr Andrew Jamieson, who worked at Queen Margaret Hospital in Dunfermline, was charged under Data Protection legislation. He was accused of accessing emergency care summary records for prime …
Comment here suggests that " he was actually demonstrating how easy it is for anyone in the NHS to access info which they could use and sell to make a point about patient confidentiality."
http://www.home-education.biz/forum/media/9955-scottish-doc-swerves-charges-for-snooping.html
Maybe he is one of the good guys...
Fair point, but I'm not sure that it has any bearing in this case.
I think the DPA legislation is prosecuted equally and carries equal penalties on both sides of the border. Obviously IANAL so I could very well be making some stupid false assumption about the actual process. Regardless, I'm still not sure it's something that needs to be pointed out in the headline, especially since the case was dropped before going to court.
My reason for asking was: whenever anything happens not just in Scotland but anywhere "out in the provinces" (including many places within English borders) that fact often ends up as the first word of the Reg's headline. This gives the impression that it's the most important thing you need to know about a story, even when - as is usually the case - it's not.
Maybe in this case it's just assumed that nobody outside Scotland actually knows where Dunfermline is. Either way it seems a bit parochial of the Reg.
Aren't emergency care records meant for doctors to view, in emergency, if a patient turns up at a ward and needs emergency treatment but the hospital has no details about the patient, his medication etc.
Therefore I would guess that that a large section of doctors who might work in A & E would need to be able to access the emergency care record of anyone who turns up.
So it's not that the record is insecure (it would be if a plumber was reading the record and not a doctor in a hospital) but that the guy that was reading was an idiot. The good think was that he was caught which would suggest that (on this occasion) the system worked and caught someone doing something dodgy.
So it doesn't prove that the data records are not secure (no idea if they are or not) but that in any given population there is a number who are idiots and will do an idiotic thing on any system given to them.
I don't usually stick up for goverment knowing stuff about me but I would rather know that if I'm in A&E that the doctors have my notes (so they don't give me something that kills me because I'm allergic to it) than worry about an idiot doctors looking me up and then getting caught.
My 2p worth.
Clearly there is a case for giving doctors access to everyone's medical records. Wouldn't a solution be to inform patients when their records are accessed? You could exclude from this their own regular doctors, but anyone else will cause a text/email/letter.
So if you get one and were in casualty 2 days earlier then fine, otherwise you can start asking questions about who and why. OK it would cost a bit (not so much for the people with email accounts) but worth it I think.
The fun part is "appropriate". If I fall under a bus and end up in A&E, I'd like them to have access to my records - and obviously I can't arrange that ahead of time. Other NHS services - generally, we know who's coming and can gain permission. But once you're "in the system" granularity of access is a nightmare. If you're admitted to my hospital with a chest infection, your lab results go into the general system. Can the surgeons see your results? Yes - but they usually won't be interested unless you get transferred to their care. We COULD apply tighter restrictions, but generally we don't. The rule is not "You can't" - because we know that never works! - but "You shouldn't - and we're watching." If someone access records inappropriately action should be taken - but IANAL and I don't know if DPA would work here.
However, professional behaviour is not enforced by the law, but by professional bodies. I don't know why the (Scottish equivalent of the) Crown Prosecution Service decided not to prosecute, but I suspect the GMC may still have an interest.
He hasn't necessarily got off, ahem, Scot free.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
