I got together with my new boyfriend in July last year. He had been in a relationship with the doctor at Addenbrooke’s for several years but that had ended three months earlier, in April. They had separated amicably but she had then changed her mind and had second thoughts about splitting up.
Early on in our relationship she asked him for my name. Within weeks she had started to access my health records. My boyfriend began to become concerned that she was contacting him regularly, asking to see him and telling him stuff about me. He felt unnerved by her actions. It’s normal to be jealous when your ex gets together with someone.
She implied to my new boyfriend that she could find out anything about me and demonstrated this by telling him things she knew about me, such as where I lived and details about my sister and children.
She was really interested in my sister. That was weird. She claimed to have both our phone numbers. I thought, “Who’s given her this?” Very few people have both our numbers. She claimed that someone in her choir had given them to her.
By this stage my boyfriend was unsettled and alarmed by her behaviour. He was worried that she was going to do something embarrassing to him, like turn up at my work or make a scene or do something in the street. He was quite concerned.
In mid-August she contacted a parent at my children’s school who is also a doctor and asked for information about me and said she was conducting “a background check” on me.
And at one point she rang me from a withheld number. She asked: ‘Is that [woman’s name]?” I said yes. She said: “Hi, it’s [doctor’s name].” I said: “Hi,” though I was thinking: “Is this really you?” Then it went silent for a few seconds. I said hello again and then she rang off.
My sister and I became suspicious that the doctor might have accessed our medical records when she told my boyfriend highly personal information, including sensitive details about a family tragedy and about my children. We knew that was in my GP records but not my hospital records.
My sister and I asked Addenbrooke’s to do an audit of who had accessed our records. My audit showed that 19 named health professionals had accessed my records, all but one legitimately. When I saw her name on the audit I began shaking uncontrollably in quite a violent way. My knees were literally knocking together, like in a cartoon. She had accessed 87 documents in my records on seven separate dates during August and September, including my GP records three times. On several occasions she had done this while on holiday in California.
I guess it’s that thing of being stalked. I’m quite a rational person. I wasn’t scared of her. But it did affect me a lot. In a way I was quite relieved when I saw her name because she had claimed that she’d got the information about my sister and me from mutual friends, parents at my children’s school and gossip. That had left my sister and I wondering for weeks who had betrayed us by sharing personal information about us. But no one had. The doctor had been making that up. She had got the information by using Epic, the Addenbrooke’s hospital records system, to access my GP records through a separate system of GP records called GP Connect.
At that point I did become frightened because I realised that this woman had an unhealthy interest in me and my sister and was spending time going through my medical records. It felt violating that she had managed to access details of my life that were private, involving me and my children, that I hadn’t shared with others but had shared with my GP. That’s what was so upsetting.
I felt anger, fear, shock and horror that she had obtained my data and shared it.
I am very disappointed that there seems to be such a lack of sanctions for personal data breaches by doctors like mine. Addenbrooke’s apologised and told me they’d investigated what happened and disciplined the doctor – but refused to tell me what action they’d taken. That’s very frustrating.
I’m really concerned that NHS England are continuing to roll out access to GP Connect to growing numbers of health and care staff. We as patients who use the NHS have not actively agreed to that happening. When we talk to a GP, it may be at the most vulnerable point in our lives. Why is access to the most private details of our lives being so widely shared? They can be accessed from the pub from a mobile phone. In my case the doctor accessed my data from California while on holiday. This broad and unchecked system just cannot be compliant with data-sharing laws.”
