The NHS has apologised after personal information of 132 patients of a disgraced surgeon were leaked for a second time.
Professor Sam Eljamel worked at NHS Tayside as a neurosurgeon from 1995 until he was suspended in 2013.
The Patients’ Action Group for Eljamel Public Inquiry estimates 172 people are known to have been harmed by him.
An initial leak of patient information took place in February 2024, however the breach was not identified until a Freedom of Information enquiry was submitted ten months later.
As the health board carried out an investigation it was revealed that an anonymised version of the spreadsheet was sent to Professor Wigmore, which also is classed as a data breach.
And in a letter to 132 of Eljamel’s patients, NHS Tayside’s board secretary confirmed a second breach has since occurred.
The independent review chair has since deleted both versions of the spreadsheet.
Margaret Dunning said a spreadsheet, which contained patients’ names, addresses, details about their operations, whether a complaint was made and if the patient took legal action, was sent to the chair of an independent review into Eljamel’s cases, Professor Stephen Wigmore.
The letter, seen by STV News, read: “My name is Margaret Dunning and I am the board secretary for NHS Tayside.
“I am writing to you today on behalf of NHS Tayside to regrettably inform you of a breach of your personal data, as defined by the Data Protection Act 2018.
“NHS Tayside sincerely apologises to you for this breach and would like to assure you that we take the security of your personal data very seriously.”
In the correspondence issued to patients, the health board states that it has reported the incident to the Information Commissioners Office.
STV NewsDavid Vile is one of the patients who received the letter confirming that his details had been leaked.
He was operated on twice by the disgraced neurosurgeon.
The second spinal surgery he received in 2009 left him with no feeling in his left leg and foot. It also cost him his job.
Mr Vile, from Kirriemuir, was stunned when he received the correspondence from NHS Tayside
He told STV News: “It was a shock that there was yet another (data breach).
“We’d been assured that this would not be happening but this time its 132 Eljamel patients.
“That one really takes the biscuit. It’s unbelievable.”
A public inquiry was announced by former first minister Humza Yousaf in September 2023.
Mr Vile believes the breach could jeopardise the independent review.
The concerned patient added: “As far as I’m concerned this could prejudice the way they look at things.
STV News“They are getting information before meeting the actual patient. The whole point of this is to meet the patients and find out what has happened.
“Receiving this information seems as though it will have an adverse affect in my opinion.”
Lead campaigner Jules Rose – who was Prof Eljamel’s final victim – believes NHS Tayside still hasn’t learnt from their previous mistakes.
She said: “I’m absolutely gobsmacked.
“It’s extremely disturbing to hear. yet again, that this health board continually breaches data rights for patients.
“The trauma and pain we’re going through is enough and yet they continue to keep kicking us when we’re down.
“More importantly they’re getting away with this.”
A spokesperson for NHS Tayside said, “A spreadsheet containing details of people who had contacted NHS Tayside regarding Professor Eljamel between December 2022 and February 27 2024 was shared with the Chair of the Independent Clinical Review (ICR).
“We have written directly to those affected to inform them of this error and to sincerely apologise.
“We have explained to the patients involved how this happened and the steps we have taken.
“We contacted the chair of the ICR to inform them of this breach, and to ask them to destroy the information, and any copies of the information that had been made. The chair of the ICR confirmed that they have taken all necessary steps to securely destroy the information and that they have not shared it with anyone else.
“The breach has also been reported by NHS Tayside to the Information Commissioner’s Office.
“The chief executive has commissioned a learning review to evaluate the systems and processes in place, identify improvements required to data security across NHS Tayside and make recommendations for organisation-wide learning. This data breach will be included as part of that review.”
Follow STV News on WhatsApp
Scan the QR code on your mobile device for all the latest news from around the country
