medConfidential is examining possible legal action in relation to the unlawful processing of patients’ medical data by Sensyne Health plc, a private company, which has data sharing agreements with several NHS Hospital Trusts.
medConfidential has gathered evidence indicating that personal data is being transferred from the NHS to Sensyne without patients’ knowledge or consent, thereby placing the confidentiality and privacy rights of over 12 million NHS patients at risk. The company and Trusts claim that the data transferred is anonymous and therefore not covered by GDPR –medConfidential has evidence that at least some of the data is merely pseudonymised. This means it is still personal data under the law and in practice, and that it exposes patients to privacy risks and potential data protection infringements.
Between 2021 and 2022, medConfidential received legal advice from Bindmans LLP on the potential remedy or remedies to seek in proceedings, the best choice of claimants, and the viability of and evidence required to pursue a legal claim on this issue.
In April 2022, Sensyne confirmed it needed to refinance and that it would delist from the AIM stock exchange. medConfidential sent a letter to all relevant NHS Trusts, advising them to terminate their contracts, and to ensure that Sensyne deletes all of the patient data that it has already received from them.