An 82-year-old man has successfully been awarded £2,500 in compensation after suing St George’s University Hospital after sensitive information regarding his terminal illness was breached.

Edmund Pillay, from London, is suffering from bladder cancer and had undergone a serious operation as part of his treatment at the hospital.

His daughter complained to the hospital following the operation he had as she was unable with the level of care her father had received.

The hospital investigated the complaint and the response was sent to Mr Pillay’s niece, rather than his daughter, revealing the details of his terminal illness to a family member that had been previously unaware.

Mr Pillay says he is ‘a very private person’ and the data breach has left him ’embarrassed, anxious and ashamed’ to see his family.

Mr Pillay’s daughter then complained again, this time for the breach of his data and providing details to her cousin which revealed her father’s illness.

St George’s University Hospital said that their complaints generic email address had received an email to say that Mr Pillay’s niece has called the Patient Advice and Liaison Service (PALS) enquiring about a complaint.

His niece’s email was picked up by a former member of the complaints team who confused the name with Mr Pillay’s daughter, believing she recognised the name and sent an email to the staff member who had dealt with his daughter’s complaint and asked them to re-send the complaint response letter.

The member of staff then sent a copy of the letter to the email address provided in the email from the PALS team which was Mr Pillay’s niece’s email. His niece then told other family members about his bladder cancer which has been incredibly distressing.

Following the series of complaints, Mr Pillay sought legal advice from Liverpool-based High Street Solicitors who successfully secured £2,500 in compensation.

Mr Pillay explained: “Having bladder cancer has caused enough emotional distress but the breach has made this so much worse. I have been anxious, embarrassed and ashamed to see my family – I am a very private person and have been very particular about sharing my illness. Because of the breach, my niece and now other family members know and I’ve had to isolate myself from them because they have understandably been asking questions but it just makes me feel overwhelmed. I’m grateful to High Street Solicitors for their help with my case and ensuring that I was compensated for the breach of my data. Hospitals should be protecting patient information.”

Niamh Jones, Head of Data Breach at High Street Solicitors, added: “Data breaches are simply unacceptable. To think of what Mr Pillay has been through is devastating enough, but to add in a data breach where his diagnosis and treatment has been revealed to family members he’d chosen not to tell has many repercussions including causing him further distress whilst he’s unwell. It’s essential that we hold hospitals or any company that causes a data breach to account and that the person whose data has been breached is rightfully compensated. I’d urge anyone who has experienced similar circumstances to get in touch and we can advise you on taking legal action.”