Hundreds of HIV-positive patients have their identities revealed in e-mail error

Anna Hodgekiss reports on the Mail Online that a sexual health clinic in London’s Soho has revealed the names of up to 780 HIV positive patients in an e-mail error.

The error involved patients who had signed up to the Clinic’s Option E service when a monthly newsletter was sent out. It appears to have occurred when the newsletter was sent out using an open group circulation list rather than as a blind copy.

The clinic tried to recall the message using Microsoft Outlook’s recall function and then sent another e-mail apologising for the error and asking recipients to delete the message.

Comment from the Newsblog Editor:

A mistake like this is easy to make on an e-mail client like Microsoft’s Outlook, where an e-mail list can easily be mistakenly copied into the wrong field and sent out as a CC (carbon copy) to all recipients, rather than as a BCC (Blind Carbon Copy).  Indeed instances of private information being accidentally distributed on CC lists have happened a number of times before.  A much more secure method would be to use an e-mail list management application such as Mailman or MailChimp.