ICO Press Release
8 February 2008
The Information Commissioner has ruled that the Mersey Care NHS Trust was right not to disclose five critical incident reports into five separate murders carried out by patients of the Trust. The Information Commissioner’s Office agreed with the Trust’s decision that the reports contain personal information and that their release under the freedom of information would breach the Data Protection Act 1998.
Mersey Care NHS Trust refused to release the reports on the grounds that they not only contained personal information of the Mersey Care patients referred to in the reports, including reference to their medical condition and treatment, but also contained the personal data of other individuals involved in their care, including their families. The Trust argued that the reports are exempt from disclosure because releasing this information would not have been expected by those who contributed to the internal inquiries and would be likely to cause damage or distress to the families of those involved.
The full decision notice can be viewed at