The North West Ambulance Service (NWAS) is conducting a formal inquiry following allegations that its personnel improperly viewed the medical files of individuals injured during the July 2024 Southport dance class attack. Salman Desai, the chief executive of the trust, confirmed that the organization is looking into potential data privacy violations.
This development follows earlier revelations that roughly 50 staff members at Aintree Hospital—where many victims received emergency care—had also accessed patient records without authorization. The father of a survivor expressed profound distress, stating that the actions of these staff members represent a significant betrayal of public trust during an incredibly vulnerable time for his family. He noted that the discovery was made while reviewing documentation provided by the University Hospitals of Liverpool Group.
Legal representatives for several survivors are now calling for NHS England to conduct a comprehensive review of staff guidelines and disciplinary protocols regarding data privacy. Leanne Lucas, the dance instructor present during the attack, also expressed deep concern and frustration, characterizing the potential breaches as further harm to those already dealing with the trauma of the incident.
The Information Commissioner’s Office has been notified of the ongoing internal investigation. While the ambulance trust has not initiated formal disciplinary action at this stage, it has indicated that human resources procedures have been updated. Similar incidents involving unauthorized record access have recently emerged at other NHS trusts, prompting broader discussions about internal data management cultures across the healthcare system.