56-dean-st-300x225Social media and the news sites are abuzz over the news that 780 people received their regular newsletter from 56 Dean Street – a London-based sexual health clinic – but the names of other recipients had been shown.  It was a simple, and very human, error but a gross breach of data protection.  It also highlights flaws in the systems that Dean Street use.

Patrick Strudwick on Buzzfeed and Tom Hayes on BeyondPositive have both drawn upon concerned recipients of the email in their news stories and Hayes has been touring the news studios this afternoon.

It is a dreadful blunder by the clinic and so far – to the best of my knowledge – the names have not leaked.  Were they to do so, the story would move from one of clinic cock-up to one of division within the positive ‘community’.  For now, the heat remains firmly on 56 Dean Street who now face a potentially significant fine from the Information Commissioner.

I’m not one of those affected by the breach.  If I was, my reaction would probably be one primarily of worry, worry that my data was now ‘out there’ and could be posted to a blog at any moment.  I would be frustrated that there’s no way of getting it back.  Data doesn’t work like that.  I also hope – but I can’t be sure – that I would be worried that a service I’ve been using would not be better off with a massive funding cut courtesy of a fine, and I think I would want reassurances that they have changed their systems in response.

This is dreadful episode, but let’s not get lost in a feeding frenzy of Internet traffic seekers and those seeking to ‘stir’ or benefit rom this breach.  That doesn’t help the people who are the victims of this incident.