A FORMER staff member at Withybush Hospital inappropriately accessed electronic patient hospital records, health bosses have revealed.

Hywel Dda Health Board said it has written to 41 people to provide them with information and support after its own investigation identified the breach.

The individual, an administrator at Withybush Hospital is no longer employed by Hywel Dda after breaching patient confidentiality and acting outside of NHS and the health board’s own policies on data protection and information governance.

The health board has also referred the situation to the Information Commissioner for independent investigation.

All patients affected have been contacted and offered the opportunity to discuss the situation with the health board.

Chief executive Steve Moore said: “This is a matter that we take extremely seriously and we have written to every patient directly affected to apologise for the actions taken by this individual which go against health board policies and procedures.

“We are able to reassure people that our review has shown no changes or amendments were made to records. It also produced no evidence that the information has been used by the individual for any purpose other than to view.”

He added: “We faced a similar but much larger scale breach in 2016 but it makes this none the less serious for those patients affected. We understand and acknowledge how distressing this is for those affected, especially for any who may be vulnerable, and we have set up a helpline should they wish to discuss this further with us.”

The concern was originally picked up by a manager which resulted in a full investigation. This involved collecting evidence from witnesses and reviewing the extent of the breach as the individual did have appropriate reason to access patient records as part of their job.

The Health Board has introduced an electronic system which provides a better and efficient way of checking access to electronic hospital records. Called, the National Intelligent Integrated Auditing Solution (NIIAS), it is licensed for use by all NHS Wales health boards and trusts and helps monitor electronic information systems and flag up potential instances of unauthorised access to patient information, for further investigation.

Mr Moore said: “I say with confidence that most of our staff are extremely disappointed and devastated by breaches of this nature by individuals.

“At the core of our values as NHS staff members and employees of Hywel Dda University Health Board is the obligation to protect our patients, treating their information with respect and protecting their right to confidentiality.”