Earlier today, one of our team was emailing individuals registered as part of the Community Advisory Network to let them know about the agenda for an upcoming meeting. In human error, all email addresses of those on the list were CCd instead of BCCd. Whilst it is an easy mistake to make, we need to be open, honest and transparent about it so that we can rebuild the trust that we may have lost. We are sorry.

Members of our Community Advisory Network include people living with HIV, people at risk of HIV, PrEP users and people who support any of those groups. Many of the network know each other, but many don't. We understand that this error may have caused distress. We have contacted everyone that was affected to unreservedly apologise and outline our actions from there. This network and its members is valued by us, and I have made a personal commitment to speak to anyone who has concerns.

When we make a mistake, there is no point in trying to cover it up or be quiet about it. We let members of the Community Advisory Network down and we are sorry. We have supported people where this has occurred in other organisations, and I can assure everyone that we are taking this extremely seriously. We have reported this to the Information Commissioner’s Office to ensure it is dealt with appropriately.

All our staff are GDPR trained and operate under the guidelines set out by our Privacy Policy. As of today, all of our staff are undergoing refreshed GDPR training to avoid future human error. I am personally overseeing, and expediting, the migration of all personal contact data to an even securer database to ensure this never happens again.

It is our hope that by being honest, showing where we are accountable and apologising for this mistake, your trust in us as an organisation won’t waver.

- Nathan Sparling, Chief Executive