A London clinic (part of the NHS), has inadvertently revealed names & emails of nearly 800 HIV positive clients. http://www.theguardian.com/technolo...cidentally-reveals-hiv-status-of-780-patients Spotted within hours, and reported to the Data Protection watchdog. The employee responsible is reported as being "distraught". Caused by using a group email address rather than done individually. All too easily done, a real shame. Although the management says they will ensure it never happens again, it seems to me that the technical controls to prevent this in the first place are woefully lacking from many systems.