back to article Q: If Pesky Pepper had a peek at patient papers, at how many patient papers did Pesky Pepper peek? A: 231

A bored trainee secretary at a GP practice has been fined for snooping on the health records of colleagues, friends and strangers. Hannah Pepper has to pay £1,028.75 after she was found to have illegally accessed 231 patient files while working at the Fakenham Medical Practice in Norfolk, an eastern county in the UK (for US …

  1. James O'Shea Silver badge


    In the US, HIPAA would have applied. The Feds would Not Have Been Amused. As far as I can see, m'girl would, at the least, have been liable for up to US$50,000 per offense to a max of $1,500,000. Or, if the judge wanted to heave the book at her (and he'd be a federal judge, they just love to throw the book, have a nice lapdog prosecutor go and retrieve it, and then throw it again) a fine of $50,000 per offense plus one year per offense ranging up to $250,000 per offense and 10 years in a federal pokey per offense, should the judge feel that there was an attempt to 'use individually identifiable health information for commercial advantage, personal gain or malicious harm'. That 231 offenses. If she gossiped about even one, that's malicious harm, and she's looking at up to $250,000 and 10 years times 231. In the real world even the feds don't go for the max unless you piss them off, but they can if they want to.

    M'girl got off lightly.

    There is a reason why some people refuse to do any work involving health info. HIPAA has very big, very sharp, teeth, and the feds deploy it with fell intent. Note that several of those cases involve people who did less than what m'girl did, and got seriously hammered.

  2. EnviableOne Bronze badge

    Re: HIPAA

    GDPR has bigger teeth, and if she was hit under that, lets just say bancruptcy would have been on the horizon.

    Even now, she will struggle to get a job with this on her record

  3. Pascal Monett Silver badge

    "at times she struggled with the monotony of some of her tasks"

    Pinterest is your friend, my dear.

    At least there, you will not indulge yourself in the private details of people you know.

  4. TrumpSlurp the Troll Silver badge


    Obviously didn't include the audit trail.

  5. onemark03

    @ Ian Johnston (Re: Re: It would be serious if there was malice involved):

    The precise harm is also the small matter of violation of personal privacy...

  6. UncleDavid

    Why do you define "Norfolk" for the Yanks (who could easily look it up in their favorite mapping app) and not define "surgery"? (US: "Physician's Office". No scalpels involved).


POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2018