A STAFF member at a city GP surgery was sacked after lying about having appointments - resulting in a patient data breach.

The data breach was confirmed by Severn Valley Medical Practice, which oversees the Henwick Halt Medical Centre in St John's and the Lyppard Grange Medical Centre in Warndon.

A letter was sent by the practice informing its patients about the data breach, which relates to a discovery made on Thursday, October 26, when a member of the clinical team accessed data belonging to patients. 

The staff member has faced disciplinary action and no longer works at the practice.

The letter said: "We want to sincerely apologise for this incident, and any stress that this may cause.

"On October 26 2023, we learned that a member of our clinical team had accessed the data of some of our patients in order to manipulate their appointment book and fill their workload with unused slots.

"While we immediately suspended this individual when learning of this deeply inappropriate activity, and have reported them to their professional standards body, unfortunately your medical records were one of those accessed to fill one of those slots.

"We want to assure you that there have been no amends to your records made, except for the booking of an appointment which you did not use.

"Your data was not shared with any other organisations or individuals outside of the practice."

Severn Valley Medical Practice said the staff member was suspended while a full investigation was conducted, and advice was sought from the practice's data protection officer to ensure their actions to resolve the incident were thorough and appropriate. 

Dr Lindsay Pickerell, senior partner, and Sarah Payne, practice manager, offered assurance to patients that at no point did any data leave the practice.

They said: "As soon as we learned of this issue, we took significant steps, including suspending the staff member, and following an appropriate investigation, dismissed. 

"We notified their professional body and the Information Commissioner’s Office, and raising it with our local Integrated Care Board and Primary Care Network, to ensure this was fully investigated and all patient data remained secure.

"We have also raised this as a significant incident within our practice to ensure learnings are taken forward to ensure this does not happen again.

"Patients affected are welcome to get in touch with us if they have any concerns, and we will be happy to help resolve any questions or queries they may have."