Data breach as Corby vaccine trial participants' details inadvertently shared | Northamptonshire Telegraph

Data breach as Corby vaccine trial participants' details inadvertently shared
"It's absolutely disgraceful."
By Sam Wildman
Tuesday, 1st February 2022, 9:59 am
Updated
Tuesday, 1st February 2022, 10:00 am

A Corby medical research team has apologised after those taking part in the town's Covid vaccine trial inadvertently had their details shared.


Lakeside Healthcare Research has been running a trial of a new Valneva vaccine since last year, with Corby being one of 27 UK study sites.

Many local people joined the 13-month trial, which was likely to attract predominantly younger people as those who signed up had to be unvaccinated.

Sponsored Links
Recommended by
Spending rises to create #growth for #SME businesses in 2022 but still #risk #insolvency
Spending rises to create #growth for #SME businesses in 2022 but still #risk #insolvency
Learn More
Euler Hermes UK


Covid vaccine, library picture
Covid vaccine, library picture

Yesterday (Monday) the trial's Corby research team sent an email to participants about having a booster jab - but accidentally made the email addresses of everyone who is taking part available to view.

One Corby woman who took part, who did not want to be named, said: "Within that email they copied every single person who has been on that trial. You could see everyone's personal email address.

"It's personal information and it's absolutely disgraceful. If you're taking part in a medical trial you don't always want people to know that.

"There were people responding saying 'yes count me in' and they were completely unaware."


When she rang Lakeside to complain the research team said they had recalled the email after the data breach, meaning those who had not opened it shouldn't be able to.

But those who had already seen the email already had access to everyone's contact information, meaning Lakeside had failed its responsibility to control personal data.

The Corby woman, who opted out of the trial in November so she could travel as Valneva wasn't approved for vaccine passports, said: "It's a massive GDPR breach. It's just really sloppy.
ADVERTISING



"They've recalled the email but people on the trial need to be aware that their details have been shared."


Lakeside say internal re-training will take place immediately to ensure this does not happen again.

They will also be conducting an internal review to investigate how the incident happened.

Dr Amardeep Heer, director of research and innovation, said: ‘Regrettably an email was sent out to participants of a vaccination project being run by the Lakeside Research Team, based in Corby, with all email addresses visible, rather than blind carbon copied, as is the required and normal method.

"The Research Team, which is a separate entity to the Lakeside Surgery, took immediate action, apologising to participants and asking them to delete the original email.


"This was an administrative error and, other than email addresses, no other patient or personal identifiable information was breached.

"The Lakeside Research Team takes privacy issues very seriously and trains administrative staff how to send electronic communications securely and compliantly. In response to this isolated and unfortunate incident all protocols and practices are being reviewed to ensure it cannot be repeated.

"We would like to apologise again to those affected and we are in the process of contacting everyone involved. The relevant authorities have also been notified."

A total of 4,000 participants were due to be recruited across the UK for the trial with everyone involved receiving two active vaccine doses, administered in a four-week interval.