Members of the Royal College of Nursing (RCN) have been left feeling “violated” and “distressed” after their names were added to a no-confidence petition against the college without their consent or knowledge.
The RCN has appointed an independent cyber security service to investigate whether a breach of data protection has taken place, resulting in hundreds of names being fraudulently added to the petition.
“I think it’s an outrage that somebody has done that”
Ken Spearpoint
The petition, launched last month, had called for an extraordinary general meeting (EGM) of the RCN to be held during the college’s annual congress which is taking place in May.
It also called for a vote of no confidence in the college’s senior leadership team, including the chief executive and general secretary, Pat Cullen, who has been leading recent pay negotiations with the government.
Meanwhile, pay negotiators and the RCN’s ruling council were also under threat of a vote of no confidence.
The petition, created by former senior members of the college, was launched after the RCN announced that it was recommending that its members in England accept the latest pay deal from the UK government.
It received the required 1,000 signatures in March and was submitted to the RCN.
However, soon after the college announced that the signature verification process had found the petition to be invalid and that an investigation would be launched as a result.
The ongoing investigation, which the college said would involve the police and the regulator if necessary, is looking into whether several hundred names were added fraudulently.
The RCN today confirmed to Nursing Times that an external company, Dionach, had been appointed by the college to support the investigation.
The cybersecurity company has sent an email, seen by Nursing Times, to members whose names appeared on the petition asking them to verify whether they really signed it.
The email said that “a number of serious concerns have come to light including a potential breach of data protection legislation”.
“We have therefore been asked by the RCN to carry out an investigation to determine how many RCN members may have had their personal information added to the petition without giving their consent,” it added.
In addition, Dionach is also asking members whose names appeared on a similar petition in 2020, which called for a review to be held into the way the RCN is governed, to confirm if they signed that too.
Many nurses have spoken out on Twitter about how they did not know their names had been used to sign the recent petition, until Dionach contacted them on behalf of the RCN.
In addition, several nurses have shared identical stories, where the name and RCN membership number on the petition were correct, but the phone number and email address linked to the signature were false or old.
RCN member Ken Spearpoint told Nursing Times that he was “gobsmacked” when he heard that somebody had used his name and membership number to sign the recent petition without his permission.
He said: “I think it’s an outrage that somebody has done that, flagrantly disregarded the rules to suit their own ends, I find it offensive.”
He added: “It’s a breach of GDPR, it’s a breach of my right to a private and family life. You are messing with my reputation here.”
“The data of all of our members is of vital importance”
RCN spokesperson
While Mr Spearpoint did sign the 2020 EGM petition which is also being investigated, he said he did not support the “position” or aims of the recent one and therefore would never have signed it.
Another nurse, who wished to remain anonymous, echoed these feelings, and told Nursing Times that she had “more confidence in the current leadership than [she] had for a long time”.
She added that the fact her personal information had been used without her consent had “really distressed” her.
Meanwhile, Chris, who did not give his surname, told Nursing Times that the situation was a “source of considerable worry” for many members of the RCN.
Similarly to others, Chris had a false phone number attached to his name and RCN membership number.
He said: “I’ve seen plenty of people upset about this… myself included.
“It’s violating and I am hoping everyone involved engages earnestly in the investigation so we can discover how and why this happened.”
Repsonding to the concerns, an RCN spokesperson told Nursing Times: “The data of all of our members is of vital importance and that is why we launched an urgent investigation following concerns coming to light during the recent petition verification process.
“An external company, Dionach, has been appointed by the RCN to carry out an investigation into those concerns and the outcome of that investigation will determine our next steps.”
Addressing members, the spokesperson added: “If you receive an email, please be assured it is genuinely on our behalf and you can contribute if you wish to.”
After the most recent petition was deemed invalid by the RCN, some nurse campaigners set up an identical petition in a second attempt to call for an EGM.
The group behind the latest petition told Nursing Times that, because of the ongoing investigation, it was now validating the signatures with the individuals signing it and that the petition was “gathering momentum every day”.
The campaigners added that they stood behind a statement published earlier this week, in which they argued that anyone who had submitted names of RCN members to the first petition without their consent would have needed access to the RCN membership database.
The statement said: “Members would not have the ability, motivation, or need to sabotage their own petition with hundreds of member details who had not volunteered to sign.”